Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2018
Ran by petrc (22-04-2018 13:09:10)
Running from C:\Users\petrc\Desktop
Windows 10 Home Version 1709 16299.371 (X64) (2017-12-03 00:28:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1636204763-2709682355-4150238091-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1636204763-2709682355-4150238091-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1636204763-2709682355-4150238091-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1636204763-2709682355-4150238091-501 - Limited - Disabled)
petrc (S-1-5-21-1636204763-2709682355-4150238091-1001 - Administrator - Enabled) => C:\Users\petrc
WDAGUtilityAccount (S-1-5-21-1636204763-2709682355-4150238091-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.07.2004 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Collection (HKLM-x32\...\{8CD449EA-BBA0-477F-AFF9-9AF6E8C50EF2}) (Version: 1.01.3006 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3008 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{9F72F939-2A09-97A7-84FA-312AF5A42A8A}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.3.2333 - AVAST Software)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.0.0336 - Disc Soft Ltd)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
ELAN HIDI2C Filter Driver X64 13.6.4.1_WHQL (HKLM\...\Elantech) (Version: 13.6.4.1 - ELAN Microelectronic Corp.)
ENE KB9X I2C Controller Driver (HKLM\...\0C78F1298C9A10E6EE6050EC07C69913C7E56B2C) (Version: 05/13/2015 1.0.1.0 - ENE)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.117 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GoPro Studio (HKLM-x32\...\{BE06FF1A-83A0-42F2-913E-6E405393145C}) (Version: 5.12.5383 - GoPro, Inc.) Hidden
Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.9126.2152 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1636204763-2709682355-4150238091-1001\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MINI-LINK Craft 17A (HKLM-x32\...\MINI-LINK Craft 17A) (Version: 17A - Ericsson)
MINI-LINK SP110 CRAFT 1.3 (HKLM-x32\...\MINI-LINK SP110 CRAFT 1.3) (Version: 1.3 - Ericsson)
Mozilla Firefox 59.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.1 (x64 en-US)) (Version: 59.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{60499BF0-C3D1-40CC-8600-8A7246534466}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.4 (HKLM-x32\...\{726F81BD-FECF-412D-917B-F237CD6C8FFE}) (Version: 4.14.9787 - Apache Software Foundation)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10367 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.254 - Qualcomm Atheros)
Quik (HKLM\...\{DF7EE9CB-0369-44F3-9B91-BF05A2D4891D}) (Version: 0.1.5383 - GoPro, Inc.) Hidden
Quik (HKLM-x32\...\{b15a4fb5-7637-45ca-b230-33d94af786a7}) (Version: 2.3.0.5383 - GoPro, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.7.107.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7751 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-1636204763-2709682355-4150238091-1001\...\SeznamInstall) (Version: 2.1.30 - Seznam.cz)
SP CRAFT 1.9 (HKLM-x32\...\SP CRAFT 1.9) (Version: 1.9 - Ericsson)
Spotify Weblink (HKLM-x32\...\{8CADF0CB-E834-4019-9B11-B84E051F2A8E}) (Version: 1.16.1210 - Acer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
VFW_Codec32 (HKLM-x32\...\{ECDB3455-70F4-4EE6-B89E-3B4C5E9FF592}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{AE4073DE-7596-4E3B-9DE3-18BE2C3EFAA6}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-12] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-29] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-12] (AVAST Software)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-09] (Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-12] (AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-09] (Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-29] (Igor Pavlov)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-07] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-29] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-12] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02A75478-111B-4FFC-A940-37ACC3E03896} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-09] (Google Inc.)
Task: {0621FDBB-ADD5-44B7-A2AB-8288118B6295} - \Microsoft\Windows\Feedback\Siuf\DmClient -> No File <==== ATTENTION
Task: {0CA335DC-DE23-4812-B13A-5D1EC6D2AD40} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-09-14] (Acer Incorporated)
Task: {2B36057D-8BDD-4C66-BB7A-0A6D9D96C8A7} - \App Explorer -> No File <==== ATTENTION
Task: {2D3B9309-6E41-43DB-9575-57D9B49DF834} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [2015-05-14] ()
Task: {3398159C-CCD4-4E85-B7B6-E8B572EF2C7E} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2017-10-03] (Acer)
Task: {3ADB4B05-F79B-4E16-BE0D-F58FBA0F4C7D} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-06-25] ()
Task: {48BB3992-E48B-43DE-ABFE-AEA4F65D4B0F} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {49C9F218-7772-48A8-89B1-D7D5A31F9947} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {57AA97B6-655F-493D-8711-E21E3FC341DE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-04-12] (AVAST Software)
Task: {5E5F38E9-CC4C-4A50-88CF-E14DEBDFFB70} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-06-25] ()
Task: {5E614367-F456-4327-9145-6B164870FA97} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-09-14] (Acer Incorporated)
Task: {69B32668-7FBE-4880-ADD3-70E2F7C4D0D8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-17] (Microsoft Corporation)
Task: {785081AB-3A09-405A-953B-910550AA926A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-17] (Microsoft Corporation)
Task: {80986580-9B0E-414D-9B0A-E26598A4719B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-06] (Microsoft Corporation)
Task: {9D0E47E1-13B1-4224-B9A5-6D4320F12A09} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-09] (Google Inc.)
Task: {9D936BF4-09D1-4995-BC46-A0508C7D5491} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-06] (Microsoft Corporation)
Task: {A3EF19BF-C72B-42AE-85B5-1F91AD6016F0} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-21] ()
Task: {AE4569B6-8324-47FA-9970-0D459384F079} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-07] (Piriform Ltd)
Task: {AED32069-1DFE-41F5-A966-CF7E9496E24A} - System32\Tasks\AdwCleaner_onReboot => C:\Users\petrc\Desktop\adwcleaner_7.1.0.0.exe [2018-04-20] (Malwarebytes)
Task: {B6757A3C-1AAD-4223-8DAA-39AFE22B15A6} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [2017-03-03] (Acer Incorporated)
Task: {BAB59583-0735-49A0-9591-61DDD8B02D4C} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2016-06-25] ()
Task: {CA82DD27-8764-4A50-8147-C1B95CBF82E0} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {D45636D4-B131-47AD-AC9F-471AC7D16AE8} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {DAB3D0EB-A2D2-49BF-88F2-5D84E687C191} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [2017-03-03] ()
Task: {EEC59E31-EC0D-42F3-8471-052791D1B462} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-09-14] (Acer Incorporated)
Task: {F056AB32-D251-46A1-B531-6E57C8700360} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-04-17] (Microsoft Corporation)
Task: {F34CA4F5-852D-4832-82B4-C3145514D265} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-04-17] (AVAST Software)
Task: {F6027CB3-9A58-415A-80F2-B1404204D4F5} - \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload -> No File <==== ATTENTION
Task: {F643813A-E024-4685-9AE0-332F4CC371DA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {F9CB92AA-B078-45C4-A817-47EBF192B8A2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-03-07] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\petrc\Desktop\InstelNET\MW\Huawei\MW HUA\WebLCTNova verze\WebLCT\startweblct – zástupce.lnk -> D:\Instelnet\Vystavba\RSK\WebLCTNova verze\WebLCT\startweblct.bat (No File)

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 23:41 - 2017-09-29 23:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-17 01:15 - 2017-03-17 01:15 - 000037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2017-01-21 23:31 - 2016-05-17 05:02 - 000111320 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2017-03-17 01:15 - 2017-03-17 01:15 - 000866224 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
2018-03-03 10:45 - 2018-03-03 10:45 - 004407808 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\fdd511341f5305be5742051c1f6ff480\DiscSoft.NET.Common.ni.dll
2018-04-20 09:22 - 2018-04-17 15:01 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.117\libglesv2.dll
2018-04-20 09:22 - 2018-04-17 15:01 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.117\libegl.dll
2018-04-12 23:50 - 2018-04-12 23:50 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-03-04 08:23 - 2018-03-04 08:23 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-04-12 23:49 - 2018-04-12 23:49 - 000349912 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-04-12 23:50 - 2018-04-12 23:50 - 000295640 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-04-12 23:49 - 2018-04-12 23:49 - 000281816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 21:47 - 2018-04-20 00:08 - 000000834 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1636204763-2709682355-4150238091-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\petrc\Desktop\InstelNET\Kancl\panorama-neupravena_expozice.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: MozillaMaintenance => 3
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1636204763-2709682355-4150238091-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{912420F8-3F95-4F9C-A07A-77795422860F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B7F9DDD8-4B2E-4163-94EF-D5E04891CF21}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{E2352F33-8377-402A-A87E-8FAAD98E465E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{7A4A8CC7-9874-4237-AAA8-7A0F648A805A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{1FCAAE66-234F-4053-B9FD-B78AE76B29D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ADB5D2A1-F12E-4AAA-BA32-7C75536027DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{249CEA65-8C80-449A-93E1-2C4F8F7100A9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{F6D8EDAB-DFD3-4FE4-844F-378F90D20E1C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{8F1E71A4-F0B0-4C66-84BD-B00B485F3A38}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{F0D315DF-4663-4183-A253-D137F1BE444B}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{C9FF6033-0BCC-4773-BDB4-060AD1CB958D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{521743B4-B8A5-47A4-B073-79BCD0BB5030}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{91DFEC6C-F38E-4F89-BF15-F6354D5F5E9E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{BD4BB4BC-58CF-42E7-A04E-B12051BBB982}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{3153DCF8-80DB-4F89-AC96-16E96E2A5199}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{F1A3D0F0-C2EB-4D27-B188-7DB0D95BE32D}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe
FirewallRules: [{8B382BEE-709F-44D2-91BF-76E41B5081DE}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe
FirewallRules: [{8C1D4559-9AB8-4DD4-B0D3-D5DC3C7C4DD1}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe
FirewallRules: [{327D3462-8A64-43BD-B595-5C74A9ACA65A}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe
FirewallRules: [{D4D54DDF-4792-4A55-944B-87E959273642}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
FirewallRules: [{C67C9E86-AB61-4241-B6B6-492BDC0B496D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{E7977A10-3FB7-4E7C-BBB8-A26506134DB5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{225106FE-71B3-4B3C-B721-63EECD05CCFB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F0682913-25E5-4B14-9E1D-A9AFE63C1684}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

30-03-2018 12:23:32 Naplánovaný kontrolní bod
12-04-2018 11:32:17 Naplánovaný kontrolní bod
19-04-2018 14:33:24 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2018 01:05:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: smartscreen.exe, verze: 10.0.16299.98, časové razítko: 0x0627a514
Název chybujícího modulu: smartscreen.exe, verze: 10.0.16299.98, časové razítko: 0x0627a514
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000064126
ID chybujícího procesu: 0xf14
Čas spuštění chybující aplikace: 0x01d3d9e68eac03e0
Cesta k chybující aplikaci: C:\Windows\System32\smartscreen.exe
Cesta k chybujícímu modulu: C:\Windows\System32\smartscreen.exe
ID zprávy: 35ee1fe1-cc23-4daa-b14c-39f6b361fd48
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (04/22/2018 01:03:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: smartscreen.exe, verze: 10.0.16299.98, časové razítko: 0x0627a514
Název chybujícího modulu: smartscreen.exe, verze: 10.0.16299.98, časové razítko: 0x0627a514
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000064126
ID chybujícího procesu: 0xf90
Čas spuštění chybující aplikace: 0x01d3d9e672f6fede
Cesta k chybující aplikaci: C:\Windows\System32\smartscreen.exe
Cesta k chybujícímu modulu: C:\Windows\System32\smartscreen.exe
ID zprávy: b5b961b5-0fa9-406d-9de5-4253ccaf8fb2
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (04/22/2018 01:00:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: smartscreen.exe, verze: 10.0.16299.98, časové razítko: 0x0627a514
Název chybujícího modulu: smartscreen.exe, verze: 10.0.16299.98, časové razítko: 0x0627a514
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000064126
ID chybujícího procesu: 0x1408
Čas spuštění chybující aplikace: 0x01d3d9e585556720
Cesta k chybující aplikaci: C:\Windows\System32\smartscreen.exe
Cesta k chybujícímu modulu: C:\Windows\System32\smartscreen.exe
ID zprávy: 1772e952-de0a-4906-a00a-f8b09883e40f
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (04/21/2018 10:45:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.16299.248, časové razítko: 0x18ee648b
Název chybujícího modulu: twinui.pcshell.dll, verze: 10.0.16299.248, časové razítko: 0x362fafd8
Kód výjimky: 0x80270233
Posun chyby: 0x00000000001c47f5
ID chybujícího procesu: 0x13d4
Čas spuštění chybující aplikace: 0x01d3d96e4a931aa8
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\system32\twinui.pcshell.dll
ID zprávy: 016ac6d8-b210-4cb5-a9a3-28afa518967b
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (04/21/2018 10:25:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/21/2018 12:51:02 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/20/2018 04:14:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1579

Error: (04/20/2018 04:14:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1579


System errors:
=============
Error: (04/22/2018 12:56:36 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-K2A0LNCK)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli LAPTOP-K2A0LNCK\petrc (SID: S-1-5-21-1636204763-2709682355-4150238091-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/22/2018 12:43:10 PM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.

Error: (04/22/2018 10:42:22 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Propojená uživatelská prostředí a telemetrie byla ukončena s následující chybou: 
%%2147944153 = Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Error: (04/22/2018 10:42:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Propojená uživatelská prostředí a telemetrie byla ukončena s následující chybou: 
%%2147944153 = Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Error: (04/22/2018 10:40:39 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Propojená uživatelská prostředí a telemetrie byla ukončena s následující chybou: 
%%2147944153 = Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Error: (04/22/2018 10:40:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/22/2018 10:40:20 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Propojená uživatelská prostředí a telemetrie byla ukončena s následující chybou: 
%%2147944153 = Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Error: (04/22/2018 10:38:35 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-K2A0LNCK)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli LAPTOP-K2A0LNCK\petrc (SID: S-1-5-21-1636204763-2709682355-4150238091-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2017-12-28 06:37:46.511
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {63C54845-6A82-4E9B-A791-D1CD2D0F2004}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2017-12-28 06:18:03.504
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {1BC72E19-7E69-4D85-8F8F-A3A216097CD0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2017-12-10 23:43:11.362
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {108BDC48-5AA3-442D-9AA7-4A05107465DF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2017-12-05 08:34:38.898
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {46623C73-968B-42F3-A174-41E6D736D79B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2017-12-03 12:21:02.323
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0
Název: Trojan:Win32/Skeeyah.A!rfn
ID: 2147694182
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\petrc\Downloads\Adobe-Photoshop-Lightroom-CC-6.5.1-Multilingual-+-Crack-[SadeemPC]\Adobe Photoshop Lightroom CC 6.5.1 Multilingual + Crack [SadeemPC]\Crack\ADOBE_CC_V2015-XFORCE\xf-adobecc2015.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\SearchProtocolHost.exe
Verze podpisu: AV: 1.257.1260.0, AS: 1.257.1260.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14306.0, NIS: 2.1.14202.0

Date: 2017-12-23 11:49:14.838
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.259.686.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14405.2
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

CodeIntegrity:
===================================

Date: 2018-03-23 21:35:36.141
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-23 21:35:36.137
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-23 21:34:17.138
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-23 21:34:17.134
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-23 21:20:03.938
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-23 21:20:03.934
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-23 21:18:05.067
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-23 21:18:05.062
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: AMD A4-7210 APU with AMD Radeon R3 Graphics 
Percentage of memory in use: 69%
Total physical RAM: 3541.37 MB
Available physical RAM: 1094.45 MB
Total Virtual: 5141.37 MB
Available Virtual: 2611.88 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:752.08 GB) NTFS

\\?\Volume{aca38ff0-7909-4280-a5be-2f159b2ae5d1}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
\\?\Volume{ed84e458-e8d0-4b58-aae4-b619a85e7a94}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5774F829)

Partition: GPT.

==================== End of Addition.txt ============================