﻿Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23.08.2018
Ran by xxx (01-09-2018 06:53:20)
Running from D:\zzzzz
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2013-03-06 15:22:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1312145065-2419162411-1920721547-500 - Administrator - Disabled)
Guest (S-1-5-21-1312145065-2419162411-1920721547-501 - Limited - Disabled)
xxx (S-1-5-21-1312145065-2419162411-1920721547-1000 - Administrator - Enabled) => C:\Users\xxx

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Out of date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
AMD APP SDK 2.9 (HKLM\...\{B192EDAC-25C7-408D-99A0-A23455F50E27}) (Version: 2.9.233.167 - Advanced Micro Devices, Inc.)
AMD Catalyst Install Manager (HKLM\...\{0BD03BF6-3A66-EC7F-5155-28A8D6C69409}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM\...\{63059735-CA97-FDFB-0E7A-3B8D81572EFD}) (Version: 2.0.4888.34279 - Advanced Micro Devices, Inc.)
ArGoSoft Mail Server Freeware (HKLM\...\ArGoSoftMailServer) (Version:  - )
ARTHUR (HKLM\...\ARTHUR) (Version:  - )
Autochartist MetaTrader Expert Advisor (HKLM\...\{DB77D054-BDF7-43B1-A799-5B6371F3D5A3}) (Version: 156 - MDIO Software) Hidden
Autochartist MetaTrader Expert Advisor (HKLM\...\Autochartist MetaTrader Expert Advisor 156) (Version: 156 - MDIO Software)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{B865FDD4-E96E-4166-BB69-6E8C207E3E29}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{B865FDD4-E96E-4166-BB69-6E8C207E3E29}) (Version: 17.0.491 - Corel Corporation) Hidden
Corel VideoStudio Pro Title Pack (HKLM\...\{1F57FEF3-3E49-4252-B977-B98D3A7C89D0}) (Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro Title Pack (HKLM\...\{2DD67752-A84F-493D-884B-A857CEE14A88}) (Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro Title Pack (HKLM\...\{34560654-E7ED-4D0C-B75B-C2DD243A3860}) (Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro Title Pack (HKLM\...\{466B8FC6-8D80-4DA1-BA2D-EC7094BD3C31}) (Version: 1.00.0000 - Corel Corporation) Hidden
DreamStation DXi2 (HKLM\...\DreamStation DXi2) (Version:  - )
Forex EA Generator 6.x (HKLM\...\Forex EA Generator 6.x_is1) (Version:  - )
Free VPN version 3.2 (HKLM\...\{05A4243F-4ADC-416C-A21A-91613A87577E}_is1) (Version: 3.2 - VPNMaster, Inc.)
FreeProxy version 3.90 php plugin (HKLM\...\FreeProxy/FreeWeb php plugin_is1) (Version: 3.90 - Hand-Crafted Software)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoTo Opener (HKLM\...\{8B2D47CC-1558-4939-B27F-41E30530072A}) (Version: 1.0.467 - LogMeIn, Inc.)
GoToMeeting 8.33.0.9250 (HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\GoToMeeting) (Version: 8.33.0.9250 - LogMeIn, Inc.)
Internet Information Services (IIS) 7 Manager (HKLM\...\{2349E6AA-CFCA-4D17-B633-3ECDA92E38CD}) (Version: 7.0.0.0 - Microsoft Corporation)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
McAfee WebAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.208 - McAfee, Inc.)
MetaTrader 4 Admiral Markets (HKLM\...\MetaTrader 4 Admiral Markets 1) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 Admiral Markets (HKLM\...\MetaTrader 4 Admiral Markets 3) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 Admiral Markets (HKLM\...\MetaTrader 4 Admiral Markets vyzva) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 Admiral Markets (HKLM\...\MetaTrader 4 Admiral Markets) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{476F88BA-08DD-32D8-A8B0-E85EE28CB27F}) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM\...\{EDE4AA32-ECD4-4FC2-BAD2-E50ED86219E6}) (Version: 3.51.16 - MySQL AB)
Opera Stable 54.0.2952.71 (HKLM\...\Opera 54.0.2952.71) (Version: 54.0.2952.71 - Opera Software)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\PhotoFiltre 7) (Version:  - )
QK SMTP Server (HKLM\...\QK SMTP Server) (Version: hxxp://www.qksoft.com/ - QKSoft)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
RoboForex - MetaTrader 4 (HKLM\...\RoboForex - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
SafeZone Stable 4.58.2552.909 (HKLM\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Screenshot Captor 4.20.1 (HKLM\...\ScreenshotCaptor_is1) (Version:  - )
Sculptris Alpha 6 (HKLM\...\{D2883AB6-09B4-4981-AAF8-E695411EEC9A}) (Version: 0.6 - Pixologic) Hidden
Sculptris Alpha 6 (HKLM\...\InstallShield_{D2883AB6-09B4-4981-AAF8-E695411EEC9A}) (Version: 0.6 - Pixologic)
SendMails - hromadné zasílání zpráv (HKLM\...\SendMails_is1) (Version:  - Martin Roubec)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TelemetricSys (HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\TelemetricSys) (Version: 1.0.0.2 - TelemetricSys)
TP-LINK TL-WN725N_TL-WN723N Driver (HKLM\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uranus (HKLM\...\Uranus) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VIA Rhine Family Fast Ethernet Adapter (HKLM\...\VN_VUIns_Rhine_VIA) (Version:  - VIA Technologies, Inc.)
vs2015_redist x86 (HKLM\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.7.9 - Shark007)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XM UK MT4 (HKLM\...\XM UK MT4) (Version: 4.00 - MetaQuotes Software Corp.)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{026371C0-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\System32\comct232.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\System32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\System32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{076565A2-A31A-8A26-6170-5199211C942C}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{1E216240-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\System32\comct232.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\System32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\Windows\system32\MSINET.Ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\System32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\System32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\System32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\System32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\xxx\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe => No File
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\xxx\AppData\Local\GoToMeeting\7759\G2MOutlookAddin.dll => No File
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\System32\comctl32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{B346A2CC-3CA3-4405-9BC8-5CFE5A7515A3}\InprocServer32 -> C:\ProgramData\Stardock\XGF\XGFSidebarLink.ocx (Stardock Corporation)
CustomCLSID: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\System32\comdlg32.ocx (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files\Alcohol Soft\Alcohol 120\AxShlex.dll [2010-03-25] (Alcohol Soft Development Team)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2012-11-16] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {075197F7-E23D-4CD2-B8CD-37DD55B4764B} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe
Task: {0E891BDB-AC18-43B1-880A-47DD55B0EE9E} - System32\Tasks\{045E8A4D-3183-45A1-8DDB-13CFBBA4C7F1} => C:\Program Files\Smith Micro\Poser Pro 2012\PoserPro.exe
Task: {117B6F55-12F4-4FCA-9E25-3743146B4F3B} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1312145065-2419162411-1920721547-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {18AE62CC-67B5-4B82-BD90-5ACF3EF1464C} - System32\Tasks\{CB71B213-FFB2-43E3-A614-0C867308FAC1} => C:\Program Files\Common Files\jyBOEA.exe [2009-07-14] (Microsoft Corporation)
Task: {22666600-DCA9-462A-9D5C-DC072C3CB680} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe
Task: {294C316A-3B73-4C9F-B5B0-D2E2F2A1D364} - System32\Tasks\AutochartistMT4EAUpdater => C:\Program Files\MDIO Software\Autochartist MetaTrader Expert Advisor\Autochartist_EA.exe
Task: {2C31A4F3-90F1-4408-8DFC-3D1891F5E005} - System32\Tasks\{D425D0BA-7460-45C3-8A7C-0CF24C0AF259} => C:\Program Files\MAXON\CINEMA 4D R14\CINEMA 4D.exe
Task: {4424E598-7382-40D9-8D24-FB16E76268C4} - System32\Tasks\{353D2A27-DFDA-41D4-97B4-E3C1792D62B4} => C:\Program Files\MAXON\CINEMA 4D R14\CINEMA 4D.exe
Task: {44DC42C7-5791-460A-8970-59BE04686FEB} - System32\Tasks\ScanSoft Background Update => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
Task: {4A73FF48-E012-4929-AA20-DC8AFA06CF87} - System32\Tasks\{C55EB533-C753-48C4-85F3-050E2849049C} => C:\Program Files\QK SMTP Server 3\QKSmtpServer3.exe
Task: {4FB011E4-F6F4-44F5-A3C9-438CD20FC8B0} - System32\Tasks\SafeZone scheduled Autoupdate 1468393293 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {5370054C-0E1F-4E1A-A0CF-B21173F2F050} - System32\Tasks\{522D28DA-EC41-4F23-ACC3-A2F0A11E5EFD} => C:\Program Files\MAXON\CINEMA 4D R14\CINEMA 4D.exe
Task: {53D519AA-300C-4409-A4EB-A68FD0E8F77A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {542FE401-E7E2-4038-AB36-C1056C59DDE7} - System32\Tasks\{A32FD292-6A66-4701-9541-3C6A9122D0DC} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Xforex MetaTrader\Uninstall.exe"
Task: {61DAB1F1-43FA-4413-8052-7967EFDDCF23} - System32\Tasks\Java(TM) Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2017-07-21] (Oracle Corporation)
Task: {621242E6-C02E-480C-99E7-C030F2450286} - System32\Tasks\TelemetricSys => C:\Users\xxx\AppData\Roaming\TelemetricSys\TelemetricSys.exe <==== ATTENTION
Task: {62BB13DA-82A1-48CF-BAC8-03856889AD30} - System32\Tasks\{279E036E-01F3-4066-BA9D-51309DC71D7D} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {64C36EFE-7A24-4AF0-B031-453ADADECF4B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_30_0_0_154_pepper.exe [2018-08-15] (Adobe Systems Incorporated)
Task: {64CBEFB5-83A7-471A-8DA3-21E9E6A19EE9} - System32\Tasks\{F1A79BB9-202F-497B-AA92-DBA3683BD41A} => C:\Program Files\MAXON\CINEMA 4D R14\CINEMA 4D.exe
Task: {6FD08A80-A4CC-43FB-9B5C-2DD48EB307C1} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe
Task: {73139881-F212-450A-88A2-810911BCA2A4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-08-18] (AVAST Software)
Task: {77A2D7B1-96F8-41C5-BF4F-5F2E26030F1B} - System32\Tasks\G2MUpdateTask-S-1-5-21-1312145065-2419162411-1920721547-1000 => C:\Users\xxx\AppData\Local\GoToMeeting\9250\g2mupdate.exe [2018-08-15] (LogMeIn, Inc.)
Task: {7ACDC0F5-EB96-4530-AA9C-150322FF6A25} - System32\Tasks\{464C0240-FACA-45A9-93A6-F84A97C1AA1E} => C:\Program Files\MAXON\CINEMA 4D R14\CINEMA 4D.exe
Task: {7C3EC534-3E49-4AED-881B-01D3E9A07357} - System32\Tasks\{BD590F2E-96AE-4943-BE74-96B09062CE25} => C:\Windows\system32\pcalua.exe -a C:\Users\xxx\Downloads\guiminer-20121203.exe -d C:\Users\xxx\Downloads
Task: {8136E952-4CDA-4BDC-8C82-3384431CE861} - System32\Tasks\{CAF57419-93A3-4EF1-8FE4-96AD2CE0A4B5} => C:\Windows\system32\pcalua.exe -a C:\Users\xxx\Downloads\sculptris\Sculptris.exe -d C:\Users\xxx\Downloads\sculptris
Task: {8621C25B-7D5B-4737-9BCF-91E6FA084DA9} - System32\Tasks\RealDownloader Update Check => C:\program files\real\realplayer\RealDownloader\downloader2.exe
Task: {8772E15B-CAA3-4E63-A544-85D657357871} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1312145065-2419162411-1920721547-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {8C5CB0CE-5B44-4E71-BC02-EB52C68F690B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {92135D29-F502-42F8-8CCE-DDC632C81C3F} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {92A34E42-9409-46EB-BFF9-A72C9942925C} - System32\Tasks\{A09FBDBC-7136-4B95-9464-EC86C6488F04} => C:\Program Files\Smith Micro\Poser Pro 2012\PoserPro.exe
Task: {A04B6F46-20F3-4D8F-ADA9-DA01C7F420F3} - System32\Tasks\{F1012F47-A190-4DAE-8682-F112AD54188F} => C:\Program Files\Smith Micro\Poser Pro 2012\PoserPro.exe
Task: {A33AC277-74C1-457E-B794-CD262D746CAA} - System32\Tasks\{F7074A63-0E06-4545-902D-18FECFA4DCF0} => C:\Windows\system32\pcalua.exe -a D:\Casino\Casino.com\casino.exe -d D:\Casino\Casino.com
Task: {A5226DE0-F2D1-42D5-9530-8135C1444627} - System32\Tasks\{CA88B148-4365-485B-8F73-E0F500BACFEE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\hMailServer\Bin\DBSetup.exe" -d "C:\Program Files\hMailServer\Bin"
Task: {A55F0775-AD51-4262-B220-5027CC7F8C2E} - System32\Tasks\{67A418A7-34F2-48B8-867A-E76D13931164} => C:\Program Files\MAXON\CINEMA 4D R14\CINEMA 4D.exe
Task: {A890F492-1484-42B8-9D3A-24620FFD3601} - System32\Tasks\{40495B0C-BF88-436C-9B60-4EC69E7837C9} => C:\Program Files\MAXON\CINEMA 4D R14\CINEMA 4D.exe
Task: {AC15FA2F-61C3-4D90-AD74-3FD8366EABBD} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe
Task: {AC7C741B-AA0C-4A47-B450-85DF18CAA1A6} - System32\Tasks\{3B26E2F0-E422-4582-AFE9-409E14AB94E8} => C:\Windows\system32\pcalua.exe -a C:\WINDOWS\DSDXIRMV.EXE -c C:\PROGRAM FILES\CAKEWALK\SHARED DXI\AUDIO SIMULATION\DREAMSTATION DXI2
Task: {ACA09DD7-29D6-4526-B1CB-DBF3A7D68BAE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-15] (Adobe Systems Incorporated)
Task: {ADA267DE-5411-445C-AEBA-09D04F365879} - System32\Tasks\{9A44B8A5-1F40-4F5B-B16A-16F53AA5BE7D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{D2883AB6-09B4-4981-AAF8-E695411EEC9A}\setup.exe" -c -runfromtemp -l0x0409  -removeonly
Task: {AEABF7F3-3E50-4D0D-A066-957C346D1967} - System32\Tasks\G2MUploadTask-S-1-5-21-1312145065-2419162411-1920721547-1000 => C:\Users\xxx\AppData\Local\GoToMeeting\9250\g2mupload.exe [2018-08-15] (LogMeIn, Inc.)
Task: {AF93F912-7171-4D11-8507-1E56CFD8E8C9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {BC3D9C38-073F-4B02-8439-729860601979} - System32\Tasks\{DD909E2E-EC27-4C4C-B529-BCD255725975} => C:\Program Files\Smith Micro\Poser Pro 2012\PoserPro.exe
Task: {BC91BFC0-A5AF-425E-9483-8D7B9792EEC6} - System32\Tasks\Opera scheduled Autoupdate 1493985953 => C:\Program Files\Opera\launcher.exe [2018-08-07] (Opera Software)
Task: {C14692BA-4A3C-4BC2-8E7E-7466C1A64149} - System32\Tasks\AutochartistRADownload => C:\Windows\System32\cmd.exe /C start /min C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -windowstyle hidden -ExecutionPolicy Bypass -File "C:\Program Files\MDIO Software\Autochartist MetaTrader Expert Advisor\DownloadVAFiles.ps1"
Task: {C667BBE5-49AE-4B71-AADC-5D4A035B536C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-23] (AVAST Software)
Task: {C7010EE1-182D-4A07-8478-F0EDEDEDF179} - System32\Tasks\kotcatkcomksz => "C:\Program Files\Google\Chrome\Application\chrome.exe" kotcatk.com/ksz <==== ATTENTION
Task: {CDF55991-FF86-410E-A829-6E884AF4F62B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-15] (Adobe Systems Incorporated)
Task: {CFE5A46B-9107-44AD-A6F8-970324804C97} - \RealPlayer (32-bit)  -> No File <==== ATTENTION
Task: {E4093D91-D9F3-4197-9B41-33D8B6777783} - System32\Tasks\Microsoft\Windows\Diagnosis\KeyCreator => C:\Users\xxx\AppData\Roaming\\keycreator\\kget.exe
Task: {EB606740-F9D4-4C63-B5F2-2CD53254B6C9} - System32\Tasks\{25C17AC4-AF50-4932-8D39-346865DC629D} => C:\Program Files\Smith Micro\Poser Pro 2012\PoserPro.exe
Task: {F6FF4248-231C-4B31-9432-2B32EA8C100D} - System32\Tasks\{7F6A9ABD-6160-45AC-9EB9-949657F2513F} => C:\Program Files\MAXON\CINEMA 4D R14\CINEMA 4D.exe
Task: {F73F0B59-014B-4B48-8D69-A500A2CAB872} - System32\Tasks\{C58D9D25-56AF-40FA-8AA2-36BD7EFB77CF} => C:\Program Files\Common Files\iOCEropcPITcV.exe [2009-07-14] (Microsoft Corporation)
Task: {FC4A9ED0-2642-4E0A-8C67-F345E7E69103} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1312145065-2419162411-1920721547-1000.job => C:\Users\xxx\AppData\Local\GoToMeeting\9250\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1312145065-2419162411-1920721547-1000.job => C:\Users\xxx\AppData\Local\GoToMeeting\9250\g2mupload.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=834404"

==================== Loaded Modules (Whitelisted) ==============

2017-08-15 21:49 - 2017-08-15 21:49 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-08-15 21:49 - 2017-08-15 21:49 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-08-15 21:49 - 2017-08-15 21:49 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-08-11 17:30 - 2018-08-11 17:30 - 005654160 _____ () C:\Program Files\AVAST Software\Avast\defs\18081102\algo.dll
2017-08-15 21:49 - 2017-08-15 21:49 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-08-15 21:49 - 2017-08-15 21:49 - 000231664 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-11-29 18:00 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\xxx\AppData\Roaming\Seznam.cz\bin\12431libfoxloader.dll
2017-08-15 21:49 - 2017-08-15 21:49 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-08-15 21:49 - 2017-08-15 21:49 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-15 21:48 - 2017-08-15 21:48 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-11-29 18:00 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\xxx\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-11-29 18:00 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\xxx\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2014-06-30 13:12 - 2013-01-10 19:09 - 000848384 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2014-06-30 13:12 - 2013-01-10 18:32 - 001411072 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2014-06-30 13:12 - 2013-01-10 19:16 - 000193024 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2014-06-30 13:12 - 2013-01-07 16:03 - 000297472 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJRtl.dll
2015-01-10 19:20 - 2015-01-10 19:20 - 000066872 _____ () C:\Windows\system32\PnkBstrA.exe
2015-01-10 19:20 - 2015-01-10 19:20 - 000103736 _____ () C:\Windows\system32\PnkBstrB.exe
2016-06-05 12:58 - 2016-06-05 12:18 - 000406016 _____ () C:\Program Files\pSP2Clnt\service\pSP2Clnt.exe
2017-08-15 21:48 - 2017-08-15 21:48 - 000134928 _____ () c:\Program Files\AVAST Software\Avast\vaarclient.dll
2018-08-09 19:16 - 2018-08-09 18:58 - 087838296 _____ () C:\Program Files\Opera\54.0.2952.71\opera_browser.dll
2018-08-09 19:16 - 2018-08-09 18:57 - 003871320 _____ () C:\Program Files\Opera\54.0.2952.71\libglesv2.dll
2018-08-09 19:16 - 2018-08-09 18:57 - 000086616 _____ () C:\Program Files\Opera\54.0.2952.71\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\Software\Classes\batfile:  <==== ATTENTION
HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\Software\Classes\cmdfile:  <==== ATTENTION
HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2018-04-11 15:03 - 000000841 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1312145065-2419162411-1920721547-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{505B1745-BBC5-4E68-8AEA-7A4DF5072A5D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A68D00B7-8CBD-44E7-BE0E-60E40EF86D1A}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{0360AC5D-6309-48B7-A1A8-0EE5F159C5E2}C:\program files\sendmails\sa\spamassassin.exe] => (Allow) C:\program files\sendmails\sa\spamassassin.exe
FirewallRules: [UDP Query User{C63939C4-BB1E-4FFE-8E6C-2B7FE1AE1EB5}C:\program files\sendmails\sa\spamassassin.exe] => (Allow) C:\program files\sendmails\sa\spamassassin.exe
FirewallRules: [TCP Query User{6F5484B7-4AD2-4413-B31E-EB82FACECE06}C:\program files\qk smtp server 3\qksmtpserver3.exe] => (Allow) C:\program files\qk smtp server 3\qksmtpserver3.exe
FirewallRules: [UDP Query User{44E294EB-8E5B-41DD-B515-D06F0C9AC721}C:\program files\qk smtp server 3\qksmtpserver3.exe] => (Allow) C:\program files\qk smtp server 3\qksmtpserver3.exe
FirewallRules: [{5FF68624-97E3-4164-8DB7-AA1BE7005203}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{21BF5343-A845-4C2F-8918-A942C303C549}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{F8D0FA0B-69EB-4FE2-940B-722AC3D2279B}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{6F06B69B-C3A4-4CD4-ABE0-07B65AA8EA9C}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [TCP Query User{EE6CA9BE-4802-427A-AE3E-2D7A1ECD44B0}C:\program files\qk smtp server 3\qksmtpserver3.exe] => (Allow) C:\program files\qk smtp server 3\qksmtpserver3.exe
FirewallRules: [UDP Query User{309CB330-96B7-4907-BE2F-B31FC45C6C01}C:\program files\qk smtp server 3\qksmtpserver3.exe] => (Allow) C:\program files\qk smtp server 3\qksmtpserver3.exe
FirewallRules: [{D2D1DE75-2ED4-44C0-BC03-695263AE048F}] => (Allow) C:\Program Files\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{ADD2A5FA-FBFC-4322-A50E-7AFF3C6FC0D5}] => (Allow) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{FFE7C1AA-B7EC-4BF5-8F55-4ADB9C9F85D4}] => (Allow) C:\Program Files\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{4E9149D7-A89A-4094-BF34-50109B3E3F90}] => (Allow) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{21D8C974-6D03-4893-A570-CA85E9631734}] => (Allow) C:\Program Files\FreeTime\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{612167D9-75E0-4536-B45B-BAE359268C91}] => (Allow) C:\Program Files\HighSky Trader 5\metatester.exe
FirewallRules: [TCP Query User{E6B19FC0-2254-44F2-ADBD-FB14EF93C7CF}C:\program files\metatrader 4 admiral markets\terminal.exe] => (Allow) C:\program files\metatrader 4 admiral markets\terminal.exe
FirewallRules: [UDP Query User{77C2C3BD-3EE0-4AC9-99A3-5F5F46DA4E99}C:\program files\metatrader 4 admiral markets\terminal.exe] => (Allow) C:\program files\metatrader 4 admiral markets\terminal.exe
FirewallRules: [TCP Query User{0F061536-4A42-4FFE-B77E-6113F8208BF5}C:\program files\free smtp server\localsrv.exe] => (Allow) C:\program files\free smtp server\localsrv.exe
FirewallRules: [UDP Query User{110D9719-5950-4D86-82B6-62F7C9BF730A}C:\program files\free smtp server\localsrv.exe] => (Allow) C:\program files\free smtp server\localsrv.exe
FirewallRules: [TCP Query User{B23AFB05-CACF-43B8-B46A-D85C465C91F4}C:\program files\sendmails\sa\spamassassin.exe] => (Allow) C:\program files\sendmails\sa\spamassassin.exe
FirewallRules: [UDP Query User{16C56EF1-CBF2-490D-B8E5-2E533A3B0331}C:\program files\sendmails\sa\spamassassin.exe] => (Allow) C:\program files\sendmails\sa\spamassassin.exe
FirewallRules: [{6D95D61E-84A0-4D90-99B5-D694BCE0FDC7}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{D07A2E2D-7D22-4BD8-AB70-3F60E6095B5B}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [TCP Query User{49E2698B-E96F-41C8-83D4-F626F5B9A17A}C:\program files\formatfactory\ffmodules\package\ptinstonline.exe] => (Allow) C:\program files\formatfactory\ffmodules\package\ptinstonline.exe
FirewallRules: [UDP Query User{748A963E-1CB5-4A61-BB3C-4FCACED75A74}C:\program files\formatfactory\ffmodules\package\ptinstonline.exe] => (Allow) C:\program files\formatfactory\ffmodules\package\ptinstonline.exe
FirewallRules: [{3AF0E086-046C-4341-991D-144A7F73C694}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{6F3C1AF7-FDC8-41FE-BA53-064D7232DC1B}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{DD2BD702-9235-44EC-9030-2F45B09DD03B}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{B685341E-EFF1-4E20-A253-0B0D4BA76ACE}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D52783E5-FB22-4C8A-84C4-563C5969C503}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{72372331-4068-47D3-92CB-85F415DF6063}] => (Allow) C:\Windows\system32\msiexec.exe
FirewallRules: [{10424EFD-22BB-4279-9695-41D681DDA7EA}] => (Allow) C:\Program Files\Common Files\jyBOEA.exe
FirewallRules: [{748C0A0D-4578-461F-9258-E5C920A45834}] => (Allow) C:\Program Files\Common Files\iOCEropcPITcV.exe
FirewallRules: [{4D79451B-6730-45D1-ACD0-9E9F7737A9A0}] => (Allow) C:\Users\xxx\AppData\Local\Lite\Application\lite.exe
FirewallRules: [{F9A646E5-8D5E-4938-AADD-3D53BFA7B664}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe
FirewallRules: [{BA6F8B6C-A0AB-4233-B17F-683BFB3F30C3}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{662F8D00-7604-4B5A-93F7-832640B5B391}] => (Allow) C:\Windows\system32\tracert.exe
FirewallRules: [{919CBC79-D21A-4D5C-9A16-8684AEF592CD}] => (Allow) C:\Windows\system32\tracert.exe
FirewallRules: [{4E898E3D-D96D-4B13-A5BF-3C3D9298FCBC}] => (Allow) C:\Windows\system32\tracert.exe
FirewallRules: [{B1519D4C-7E61-4120-B0BF-65DF39A8D25E}] => (Allow) C:\Program Files\1st SMTP Server\SMTPServerGUI.exe
FirewallRules: [{68D77AF3-E8D1-4C2E-B2F0-63D2D91C6CA0}] => (Allow) C:\Program Files\1st SMTP Server\SMTPServerGUI.exe
FirewallRules: [{8F9F219B-7B14-4C32-834B-A1B8891A3EC9}] => (Allow) C:\Program Files\1st SMTP Server\SMTPListener.exe
FirewallRules: [{706180F0-1638-446F-912E-3D197A5F8632}] => (Allow) C:\Program Files\1st SMTP Server\SMTPListener.exe
FirewallRules: [{63ABB0BE-4F02-4B96-A355-921810BC2A9F}] => (Allow) C:\Program Files\1st SMTP Server\Uninstaller.exe
FirewallRules: [{752A9C84-9BA2-4532-9185-9184FE1270ED}] => (Allow) C:\Program Files\1st SMTP Server\Uninstaller.exe
FirewallRules: [{FA807640-7575-4D3F-96C2-0D1D442F5D09}] => (Allow) C:\Program Files\1st SMTP Server\Updater.exe
FirewallRules: [{FCD66B7D-7949-4223-A34C-07AB9558B6C3}] => (Allow) C:\Program Files\1st SMTP Server\Updater.exe
FirewallRules: [TCP Query User{5C49ED48-E484-40AD-8F84-DB65A265E312}C:\program files\argo software design\mail server\mailserver.exe] => (Allow) C:\program files\argo software design\mail server\mailserver.exe
FirewallRules: [UDP Query User{7E107DF3-FE59-491C-B172-EFAB53B55933}C:\program files\argo software design\mail server\mailserver.exe] => (Allow) C:\program files\argo software design\mail server\mailserver.exe
FirewallRules: [{EA49F1EC-F1F1-42DD-B60A-C0B1BDC62C7B}] => (Allow) C:\Program Files\SMTP Server Pro\SMTPServerGUI.exe
FirewallRules: [{A5C8E361-6BB4-472A-A0F3-F2F452800D46}] => (Allow) C:\Program Files\SMTP Server Pro\SMTPServerGUI.exe
FirewallRules: [{59D8D327-62CF-4281-99F6-BBC59F84E708}] => (Allow) C:\Program Files\SMTP Server Pro\SMTPListener.exe
FirewallRules: [{5521B2A3-B462-4D90-AD9B-DFD74CFB8232}] => (Allow) C:\Program Files\SMTP Server Pro\SMTPListener.exe
FirewallRules: [{0DAD09FA-4D2C-4952-BD9D-2873B2B711F1}] => (Allow) C:\Program Files\SMTP Server Pro\Uninstaller.exe
FirewallRules: [{B73AAD53-CC23-4D33-AE60-DB66FE1E76D8}] => (Allow) C:\Program Files\SMTP Server Pro\Uninstaller.exe
FirewallRules: [{5FE7BE8B-9264-48DC-87D3-C7C2F14D57DB}] => (Allow) C:\Program Files\SMTP Server Pro\Updater.exe
FirewallRules: [{5FFD55C3-C987-4126-95D2-514322A7F386}] => (Allow) C:\Program Files\SMTP Server Pro\Updater.exe
FirewallRules: [TCP Query User{97FA703E-AC7B-457C-A365-3CEA2A24C2B3}C:\program files\argo software design\mail server\mailserver.exe] => (Allow) C:\program files\argo software design\mail server\mailserver.exe
FirewallRules: [UDP Query User{4FC85B92-D3CF-4ABC-8DA6-1B92BE7A1F80}C:\program files\argo software design\mail server\mailserver.exe] => (Allow) C:\program files\argo software design\mail server\mailserver.exe
FirewallRules: [TCP Query User{57396A86-EA94-4E01-85EE-F06CCD09BE4D}C:\program files\qk smtp server\smtpserver.exe] => (Allow) C:\program files\qk smtp server\smtpserver.exe
FirewallRules: [UDP Query User{81630BBC-6C09-4051-A95D-C0AFC2F68B79}C:\program files\qk smtp server\smtpserver.exe] => (Allow) C:\program files\qk smtp server\smtpserver.exe
FirewallRules: [TCP Query User{080B6DA9-03EE-44FC-A32C-D31A75DF15C0}C:\program files\qk smtp server\smtpserver.exe] => (Allow) C:\program files\qk smtp server\smtpserver.exe
FirewallRules: [UDP Query User{80A86E92-F10F-4135-8912-C5CC560A0E60}C:\program files\qk smtp server\smtpserver.exe] => (Allow) C:\program files\qk smtp server\smtpserver.exe
FirewallRules: [TCP Query User{199A79B7-F7FD-41C2-A17B-85BF4C2451D3}C:\program files\local smtp relay server\smtpserver.exe] => (Allow) C:\program files\local smtp relay server\smtpserver.exe
FirewallRules: [UDP Query User{CD577213-810C-4CC0-B916-E5BAD35C4FEC}C:\program files\local smtp relay server\smtpserver.exe] => (Allow) C:\program files\local smtp relay server\smtpserver.exe
FirewallRules: [{B90CD07E-7CD7-4589-A2B2-5B7C306EF818}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1AADCD70-9574-482B-AC88-D6D281FDCD90}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{609D7492-28A0-4B7B-A8C4-C981F386D466}] => (Allow) C:\Program Files\Opera\54.0.2952.64\opera.exe
FirewallRules: [{3F4070F5-80BD-4E45-B258-E5993BDBB727}] => (Allow) C:\Users\xxx\AppData\Roaming\Zoom\bin\Zoom.exe
FirewallRules: [{FB1970D9-5E1D-45CC-B0C7-478D72E40B20}] => (Allow) C:\Users\xxx\AppData\Roaming\Zoom\bin\airhost.exe
FirewallRules: [{44FC248F-DA1F-40DB-B65C-BFDB14347A25}] => (Allow) C:\Program Files\Opera\54.0.2952.71\opera.exe
FirewallRules: [{3DA6B423-D5C1-4952-A79F-3ED477A22B3A}] => (Allow) C:\Program Files\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{62F1FA20-BD86-4E54-877C-1D615C8B0DC2}] => (Allow) C:\Program Files\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{263B957B-C295-4850-9118-427AAE9A30F0}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{84B104A3-116E-4D1B-B2BA-4451EAA24EF8}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{3CE93F98-D1FC-41FD-9F4E-5E730A7DD2FE}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{23CEAD06-D7A4-4720-A2D9-EA789548BF77}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{E3C7E43C-C803-4122-ABC9-2DD75CE7B035}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{45CF97CA-3CE0-4523-904E-21FB3646F3FC}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{A93219F6-ADDC-4DF8-9032-810C684BF1CC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{343C6F72-6681-47F2-BBC8-580E50DF92E9}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: VIA Rhine II Compatible Fast Ethernet Adapter
Description: VIA Rhine II Compatible Fast Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VIA Technologies, Inc.
Service: FETNDIS
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: NetGroup Packet Filter Driver
Description: NetGroup Packet Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: npf
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/01/2018 06:54:04 AM) (Source: VSS) (EventID: 12292) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
] došlo k chybě.


Operace:
   Získat rozhraní umožňující volání pro tohoto zprostředkovatele
   Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
   Dotaz na stínové kopie

Kontext:
   ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
   ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Kontext snímku: 13
   Kontext snímku: 13
   Kontext spuštění: Coordinator

Error: (09/01/2018 06:54:04 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} a názvem SW_PROV nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
   Získat rozhraní umožňující volání pro tohoto zprostředkovatele
   Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
   Dotaz na stínové kopie

Kontext:
   ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
   ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Kontext snímku: 13
   Kontext snímku: 13
   Kontext spuštění: Coordinator

Error: (09/01/2018 03:47:45 AM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: Pokus o zápis do souboru C:\Windows\SoftwareDistribution\DataStore\Logs\tmp.edb s posunem 491520 (0x0000000000078000) o 32768 (0x00008000) bajtů se po 0 sekundách nezdařil. Došlo k systémové chybě 112 (0x00000070): Na disku není dost místa. . Operace zápisu se nezdaří a dojde k chybě -1808 (0xfffff8f0). Pokud tyto potíže potrvají, je soubor pravděpodobně poškozen a bude nutné jej obnovit ze záložní kopie.

Error: (09/01/2018 01:13:07 AM) (Source: MsiInstaller) (EventID: 11601) (User: xxx-PC)
Description: Продукт: InterBase Client -- Нет места на диске: Недостаточно места на диске - том: "C:"; необходимо места: 5 746 КБ; доступно места: 1 116 КБ. Освободите место на диске и повторите попытку.

Error: (09/01/2018 12:33:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\strategyquant\LicenseOffline_SQ.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/31/2018 10:17:42 PM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: Pokus o zápis do souboru C:\Windows\SoftwareDistribution\DataStore\Logs\tmp.edb s posunem 0 (0x0000000000000000) o 98304 (0x00018000) bajtů se po 0 sekundách nezdařil. Došlo k systémové chybě 112 (0x00000070): Na disku není dost místa. . Operace zápisu se nezdaří a dojde k chybě -1808 (0xfffff8f0). Pokud tyto potíže potrvají, je soubor pravděpodobně poškozen a bude nutné jej obnovit ze záložní kopie.

Error: (08/31/2018 09:40:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\StrategyQuant\LicenseOffline_SQ.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (08/31/2018 08:34:04 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
] došlo k chybě.


Operace:
   Získat rozhraní umožňující volání pro tohoto zprostředkovatele
   Získávání rozhraní správy zprostředkovatele

Kontext:
   ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
   ID třídy: {00000000-0000-0000-0000-000000000000}
   Kontext snímku: -1
   ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}


System errors:
=============
Error: (09/01/2018 12:35:06 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT AUTHORITY)
Description: 0xc000014d45\??\C:\System Volume Information\Syscache.hve

Error: (08/31/2018 07:58:30 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Neočekávaná chyba. Kód chyby: 490@01010004

Error: (08/31/2018 07:45:26 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80070422. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (08/31/2018 07:44:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby: 
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (08/31/2018 07:44:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Načítání obrázků (WIA) závisí na službě Rozpoznávání hardwaru, která neuspěla při spuštění v důsledku následující chyby: 
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (08/31/2018 07:44:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (08/31/2018 07:44:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba MlmDm neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (08/31/2018 07:44:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.

Cesta k modulu: C:\Windows\system32\Rtlihvs.dll
Kód chyby: 126


Windows Defender:
===================================
Date: 2017-01-19 04:17:18.998
Description: 
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/DefaultTab&threatid=207033
Název:BrowserModifier:Win32/DefaultTab
ID:207033
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.29_0\plugins\npDefaultTabSearch.dll;file:C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\plugins\npDefaultTabSearch.dll
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2016-05-20 13:46:45.189
Description: 
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Neobar&threatid=225451
Název:BrowserModifier:Win32/Neobar
ID:225451
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:clsid:HKLM\SOFTWARE\CLASSES\CLSID\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F};file:C:\Program Files\Torrent Search\IEEF\6HUFv2ts2BTt.exe;file:C:\Program Files\Torrent Search\IEEF\6LFk14xrBBAD.dll;file:C:\Program Files\Torrent Search\IEEF\files\background.html;file:C:\Program Files\Torrent Search\IEEF\files\files\background.js;file:C:\Program Files\Torrent Search\IEEF\files\files\com.torrent.main\reset.png;file:C:\Program Files\Torrent Search\IEEF\files\files\com.torrent.main\reset_old.png;file:C:\Program Files\Torrent Search\IEEF\files\files\com.torrent.main\search.png;file:C:\Program Files\Torrent Search\IEEF\files\files\com.torrent.main\search_old.png;file:C:\Program Files\Torrent Search\IEEF\files\files\foreground.js;file:C:\Program Files\Torrent Search\IEEF\files\files\popup.css;file:C:\Program Files\Torrent Search\IEEF\files\files\popup.js;file:C:\Program Files\Torrent Search\IEEF\files\files\proxy.js;file:C:\Program Files\Torrent Search\IEEF\files\Kernel.js;file:C:\Program Files\Torrent Search\IEEF\files\po
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2016-05-20 13:36:00.522
Description: 
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Neobar&threatid=225451
Název:BrowserModifier:Win32/Neobar
ID:225451
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\Torrent Search\RolqeE7.exe
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2014-04-16 11:28:37.267
Description: 
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sefnit.BW&threatid=202626
Název:Trojan:Win32/Sefnit.BW
ID:202626
Závažnost:Vážné
Kategorie:Trojský kůň
Nalezeno v cestě:containerfile:C:\Users\xxx\AppData\Local\temp\37E1.tmp;file:C:\Users\xxx\AppData\Local\temp\37E1.tmp->(nsis-3-file1.exe)->(nsis-3-svc.exe);file:C:\Users\xxx\AppData\Local\temp\37E1.tmp->(nsis-3-file2.exe)->(nsis-3-updater.dll);file:C:\Users\xxx\AppData\Local\temp\37E1.tmp->(nsis-3-file2.exe)->(nsis-3-updater_task.dll);file:C:\Users\xxx\AppData\Roaming\Updater\updater_task.dll;file:C:\Windows\Tasks\updater.job;taskscheduler:C:\Windows\Tasks\updater.job
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2014-04-16 11:27:36.343
Description: 
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sefnit.BW&threatid=202626
Název:Trojan:Win32/Sefnit.BW
ID:202626
Závažnost:Vážné
Kategorie:Trojský kůň
Nalezeno v cestě:containerfile:C:\Users\xxx\AppData\Local\temp\37E1.tmp;file:C:\Users\xxx\AppData\Local\temp\37E1.tmp->(nsis-3-file1.exe)->(nsis-3-svc.exe);file:C:\Users\xxx\AppData\Local\temp\37E1.tmp->(nsis-3-file2.exe)->(nsis-3-updater.dll);file:C:\Users\xxx\AppData\Local\temp\37E1.tmp->(nsis-3-file2.exe)->(nsis-3-updater_task.dll);file:C:\Users\xxx\AppData\Roaming\Updater\updater_task.dll
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2017-06-30 13:11:55.768
Description: 
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus. 
Verze podpisu:1.247.301.0
Verze modulu:1.1.13903.0

Date: 2017-05-18 07:54:19.139
Description: 
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus. 
Verze podpisu:1.243.493.0
Verze modulu:1.1.13704.0

Date: 2017-04-05 03:08:14.561
Description: 
Prohledávání Windows Defender zjistilo chybu a bylo ukončeno.
ID prohledávání:{884DD6E8-B361-4B22-B040-0E61BD120131}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus. 

Date: 2017-04-05 02:40:58.508
Description: 
Prohledávání Windows Defender zjistilo chybu a bylo ukončeno.
ID prohledávání:{23901FB1-3F0A-4C56-9AA6-34853BF0AA1B}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus. 

Date: 2017-04-02 16:13:47.029
Description: 
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus. 
Verze podpisu:1.239.460.0
Verze modulu:1.1.13601.0

CodeIntegrity:
===================================

Date: 2017-08-10 08:20:19.312
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-10 08:20:19.187
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-07-13 04:24:50.140
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-07-13 04:24:50.015
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-07-12 16:36:49.468
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-07-12 16:36:49.312
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-07-12 16:14:45.781
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-07-12 16:14:45.609
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
Percentage of memory in use: 67%
Total physical RAM: 3070.49 MB
Available physical RAM: 988.11 MB
Total Virtual: 6139.31 MB
Available Virtual: 3811.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:50.68 GB) (Free:0.42 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:135.53 GB) (Free:119.21 GB) NTFS
Drive l: (FLASH - 8GB) (Removable) (Total:7.21 GB) (Free:1.49 GB) FAT32

\\?\Volume{91f399be-8670-11e2-855a-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 186.3 GB) (Disk ID: E975E975)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=50.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=135.5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 7.2 GB) (Disk ID: BF85B6E2)
Partition 1: (Not Active) - (Size=7.2 GB) - (Type=0C)

==================== End of Addition.txt ============================