Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Vyčištění notebooku od havěti

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
brdic
Návštěvník
Návštěvník
Příspěvky: 109
Registrován: 13 bře 2005 22:00

Vyčištění notebooku od havěti

#1 Příspěvek od brdic »

Zdravím všechny pomocníky.
Chtěl bych Vás poprosit o pomoc při "rozhýbání" mého notebooku. Myslím si, že výbavou to ještě není takový lazar na vyhození, ale poslední dobou se tak chová :-) Notebok jse strašně pomalý, na vše musím dlouhou dobu čekat.
Předem moc děkuji za každou radu

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-06-2017
Ran by Brdíci (administrator) on BRDÍCI-PC (15-06-2017 17:24:38)
Running from C:\Users\Brdíci\Desktop
Loaded Profiles: Brdíci (Available Profiles: Brdíci & zdenk & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_4c73f4a9a59a84bb\stacsv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_4c73f4a9a59a84bb\AEstSrv.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483428 2009-03-16] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [200704 2008-08-01] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-10] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-07-26] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1086376 2012-08-03] (Nokia)
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Brdíci\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Brdíci\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-05-10] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 77.237.128.2 77.237.128.1
Tcpip\..\Interfaces\{2213107e-f9a7-4c52-bd47-1967af1ac80f}: [DhcpNameServer] 176.107.120.35 176.107.120.42
Tcpip\..\Interfaces\{f047863a-1889-4446-81d2-bf07641e6f4e}: [DhcpNameServer] 77.237.128.2 77.237.128.1

Internet Explorer:
==================
HKU\S-1-5-21-529510219-857933644-3456723339-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {068E70B5-42CB-421B-AEC1-774902ABFE57} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {1879FF1C-F09E-458F-AD59-EDE77CBB52F7} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {1A543F3B-2703-4229-9883-2530ECB5F8BA} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {30891B69-791C-48F3-A895-222E11D2B26D} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {40E1742A-2ECB-478A-9338-BE2BF0ABC09A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {52607051-57A0-43D0-ABCD-EE06819BDFA0} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {A4A218D6-CE39-4339-B3F2-3CB4115783DD} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {A74A5B07-8082-44C2-8D34-FCDBA933623B} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {E06A9E9C-BCBC-4CE8-9385-BF8A10596C06} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-17] (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default [2017-06-15]
FF user.js: detected! => C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default\user.js [2014-09-20]
FF Homepage: Mozilla\Firefox\Profiles\budn51vn.default -> hxxp://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\budn51vn.default -> type", 0
FF Extension: (Widevine Media Optimizer) - C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2016-01-13] [not signed]
FF Extension: (Seznam lištička) - C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-05-18]
FF SearchPlugin: C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default\searchplugins\firmycz.xml [2015-10-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-13] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-08-03] ( )
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-12-04] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-529510219-857933644-3456723339-1000: @nsroblox.roblox.com/launcher -> C:\Users\Brdíci\AppData\Local\Roblox\Versions\version-b5da7e35345f4359\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-529510219-857933644-3456723339-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Brdíci\AppData\Local\Roblox\Versions\version-b5da7e35345f4359\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-529510219-857933644-3456723339-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Brdíci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-05-07] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-11-16]

Chrome:
=======
CHR Profile: C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default [2016-10-27]
CHR Extension: (Prezentace Google) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-25]
CHR Extension: (Dokumenty Google) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-25]
CHR Extension: (Disk Google) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-25]
CHR Extension: (YouTube) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-25]
CHR Extension: (Avast SafePrice) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-10-25]
CHR Extension: (Tabulky Google) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-25]
CHR Extension: (Avast Online Security) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-25]
CHR Extension: (Gmail) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_4c73f4a9a59a84bb\aestsrv.exe [81920 2009-03-16] (Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5732136 2017-05-10] (AVAST Software s.r.o.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1668344 2008-10-16] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-10] (AVAST Software)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [116032 2013-07-11] ()
R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [155336 2016-05-25] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-10-12] (Microsoft Corporation)
R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_4c73f4a9a59a84bb\STacSV.exe [254042 2009-03-16] (IDT, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271488 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84920 2017-04-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriverx.sys [258288 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidshx.sys [148696 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswblogx.sys [268016 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbunivx.sys [41664 2017-05-10] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [65344 2016-12-20] (AVAST Software)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34136 2017-05-10] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [31064 2017-05-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [107928 2017-05-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [90336 2017-05-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [62152 2017-05-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [764576 2017-05-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [482608 2017-05-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [115152 2017-05-16] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [279800 2017-05-10] (AVAST Software)
R3 BTDriver; C:\WINDOWS\system32\DRIVERS\btport.sys [37160 2008-02-05] (Broadcom Corporation.)
R3 btkrnl; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [990632 2008-04-15] (Broadcom Corporation.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2013-11-23] (Disc Soft Ltd)
R3 itecir; C:\WINDOWS\system32\DRIVERS\itecir.sys [84600 2015-11-24] (ITE Tech. Inc. )
R3 ITECIRfilter; C:\WINDOWS\system32\DRIVERS\ITECIRfilter.sys [34000 2015-11-24] (ITE Tech. Inc. )
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7518208 2016-07-16] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-15 17:24 - 2017-06-15 17:24 - 00000000 ____D C:\Users\Brdíci\Desktop\FRST-OlderVersion
2017-06-15 11:24 - 2017-06-15 11:23 - 00043011 _____ C:\Users\zdenk\Desktop\předpis - kopie.pdf
2017-06-15 11:23 - 2017-06-15 11:23 - 00043011 _____ C:\Users\zdenk\Desktop\předpis.pdf
2017-06-15 11:18 - 2017-06-15 11:18 - 00036712 _____ C:\Users\zdenk\Desktop\575242495.pdf
2017-06-15 11:18 - 2017-06-15 11:18 - 00036712 _____ C:\Users\zdenk\Desktop\575242495 - kopie.pdf
2017-06-15 10:58 - 2017-06-15 10:57 - 00246608 _____ C:\Users\zdenk\Desktop\DAGetDocument - kopie.pdf
2017-06-15 10:57 - 2017-06-15 10:57 - 00246608 _____ C:\Users\zdenk\Desktop\DAGetDocument.pdf
2017-06-15 10:34 - 2017-06-15 10:34 - 00246608 _____ C:\Users\zdenk\Desktop\pan Horáček.pdf
2017-06-15 10:29 - 2017-06-15 10:30 - 03396071 _____ C:\Users\zdenk\Desktop\kmen 2017 terka.xlsx
2017-06-14 22:38 - 2017-06-15 00:06 - 00041048 _____ C:\Users\Brdíci\Desktop\Addition.txt
2017-06-14 22:36 - 2017-06-15 17:25 - 00016440 _____ C:\Users\Brdíci\Desktop\FRST.txt
2017-06-14 22:34 - 2017-06-14 22:34 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-14 22:16 - 2017-06-14 22:16 - 00001450 _____ C:\AdwCleaner[R3].txt
2017-06-14 22:14 - 2017-06-14 22:15 - 00001390 _____ C:\AdwCleaner[R2].txt
2017-06-14 22:00 - 2017-06-14 22:01 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-14 21:29 - 2017-06-03 12:22 - 00231776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 21:29 - 2017-06-03 12:03 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 21:29 - 2017-06-03 11:58 - 00154976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 21:29 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-14 21:29 - 2017-06-03 11:54 - 00290656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-14 21:29 - 2017-06-03 11:43 - 01964384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 21:29 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 21:29 - 2017-06-03 11:32 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 21:29 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-06-14 21:29 - 2017-06-03 11:30 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 21:29 - 2017-06-03 11:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 21:29 - 2017-06-03 11:25 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 21:29 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 21:29 - 2017-06-03 11:06 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-14 21:29 - 2017-06-03 11:04 - 01889792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-14 21:29 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 21:29 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 21:29 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 01336160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00514400 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00455000 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00284000 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00254816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00083296 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-14 21:28 - 2017-06-03 12:50 - 00030560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-14 21:28 - 2017-06-03 12:15 - 00099672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 21:28 - 2017-06-03 12:13 - 05996384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 21:28 - 2017-06-03 12:13 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-14 21:28 - 2017-06-03 12:03 - 00950112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-14 21:28 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 21:28 - 2017-06-03 11:55 - 01896288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 21:28 - 2017-06-03 11:55 - 00342368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-14 21:28 - 2017-06-03 11:53 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 21:28 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-14 21:28 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-14 21:28 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-14 21:28 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 21:28 - 2017-06-03 11:48 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-14 21:28 - 2017-06-03 11:44 - 01409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 21:28 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 21:28 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 21:28 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 21:28 - 2017-06-03 11:31 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 21:28 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 21:28 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-14 21:28 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-14 21:28 - 2017-06-03 11:25 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-14 21:28 - 2017-06-03 11:25 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 21:28 - 2017-06-03 11:25 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-14 21:28 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 21:28 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-14 21:28 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-14 21:28 - 2017-06-03 11:22 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-14 21:28 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2017-06-14 21:28 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-14 21:28 - 2017-06-03 11:20 - 00668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 21:28 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-14 21:28 - 2017-06-03 11:16 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 21:28 - 2017-06-03 11:16 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 21:28 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 21:28 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 21:28 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-14 21:28 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 21:28 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 21:28 - 2017-06-03 11:05 - 01236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 21:28 - 2017-06-03 11:05 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-14 21:28 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-14 21:28 - 2017-06-03 11:05 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-14 21:28 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 21:28 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 21:28 - 2017-06-03 11:04 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 21:28 - 2017-06-03 11:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 21:28 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 21:28 - 2017-06-02 09:35 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-06-14 21:28 - 2017-05-25 08:56 - 00034144 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-14 21:28 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-06-14 21:28 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-06-14 11:50 - 2017-06-14 11:50 - 00000000 ____D C:\Users\zdenk\AppData\Roaming\Corel
2017-06-14 11:30 - 2017-06-14 11:30 - 00067825 _____ C:\Users\zdenk\Desktop\20170614112316730.pdf
2017-06-13 10:37 - 2017-06-13 11:34 - 00027841 _____ C:\Users\zdenk\Desktop\MA 08.xlsx
2017-06-07 11:47 - 2017-06-07 11:19 - 00012384 _____ C:\Users\zdenk\Desktop\POV přepočty 7-14 do 9-14 - kopie.xlsx
2017-06-07 11:19 - 2017-06-07 12:11 - 00012444 _____ C:\Users\zdenk\Desktop\POV přepočty 7-14 do 9-14.xlsx
2017-06-07 11:14 - 2017-06-07 11:14 - 00000000 ____D C:\Users\zdenk\Desktop\přepočty
2017-06-07 09:23 - 2017-06-07 09:23 - 00055160 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-06 10:39 - 2017-06-06 10:40 - 00000000 ____D C:\Users\zdenk\Desktop\FOTKY
2017-05-31 10:01 - 2017-05-31 10:01 - 00280070 _____ C:\Users\zdenk\Documents\Scan0003.pdf
2017-05-16 17:45 - 2017-06-03 08:36 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-05-16 17:45 - 2017-06-03 08:36 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-15 17:24 - 2016-10-26 18:51 - 00000000 ____D C:\FRST
2017-06-15 17:24 - 2016-10-26 18:49 - 01777152 _____ (Farbar) C:\Users\Brdíci\Desktop\FRST.exe
2017-06-15 17:01 - 2016-07-16 10:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-15 17:01 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-15 15:05 - 2016-06-22 21:12 - 00000000 ___RD C:\Users\zdenk\Desktop\OneDrive
2017-06-15 10:24 - 2016-02-13 14:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-15 00:40 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\rescache
2017-06-14 22:39 - 2016-07-16 10:28 - 00000000 ____D C:\WINDOWS\INF
2017-06-14 22:27 - 2016-11-20 14:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-06-14 22:22 - 2016-11-22 18:45 - 00000000 ____D C:\Users\Brdíci\AppData\LocalLow\Mozilla
2017-06-14 22:22 - 2012-07-08 10:29 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-06-14 22:10 - 2016-10-12 17:47 - 02723876 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-14 22:10 - 2016-07-16 19:01 - 01069202 _____ C:\WINDOWS\system32\perfh005.dat
2017-06-14 22:10 - 2016-07-16 19:01 - 00278412 _____ C:\WINDOWS\system32\perfc005.dat
2017-06-14 22:03 - 2016-10-12 18:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-14 22:03 - 2016-10-12 17:39 - 00422176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 22:02 - 2016-07-16 04:22 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-06-14 22:01 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 22:00 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-14 21:53 - 2016-10-12 17:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-14 21:47 - 2013-08-14 23:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 21:36 - 2016-07-16 10:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-14 21:36 - 2012-07-08 01:53 - 130903960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 11:49 - 2016-10-20 09:36 - 00000000 ____D C:\Users\zdenk\AppData\Local\Google
2017-06-14 08:01 - 2016-06-22 20:56 - 00002387 _____ C:\Users\zdenk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-13 20:32 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-07 11:15 - 2016-06-27 10:28 - 00000000 ____D C:\Users\zdenk\Desktop\Generali
2017-06-06 10:40 - 2016-10-04 08:58 - 00000000 ____D C:\Users\zdenk\Desktop\mamka
2017-06-02 07:34 - 2016-05-22 23:09 - 00001197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-18 23:06 - 2016-10-12 17:48 - 00000000 ____D C:\Users\Brdíci
2017-05-18 14:33 - 2017-02-18 12:51 - 00852024 _____ (ROBLOX Corporation) C:\Users\Brdíci\Desktop\RobloxPlayerLauncher.exe
2017-05-18 14:28 - 2017-01-15 14:53 - 00000000 ____D C:\Users\Brdíci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-05-18 14:26 - 2016-05-17 23:39 - 00000000 ____D C:\Users\Brdíci\AppData\Local\Packages
2017-05-16 17:46 - 2012-07-07 20:52 - 00430248 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-16 17:44 - 2016-07-16 04:22 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-16 17:39 - 2016-07-16 04:22 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-16 14:25 - 2016-10-20 09:40 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-16 09:20 - 2014-08-01 16:01 - 00115152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys

==================== Files in the root of some directories =======

2014-01-20 22:19 - 2014-01-20 22:23 - 0004608 _____ () C:\Users\Brdíci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-22 23:43 - 2012-12-22 23:43 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
2016-10-25 23:19 - 2016-10-25 23:19 - 0001536 _____ () C:\Users\Brdíci\AppData\Local\Temp\NOSEventMessages.dll
2017-04-17 18:52 - 2017-04-17 18:52 - 0739904 _____ (Oracle Corporation) C:\Users\zdenk\AppData\Local\Temp\jre-8u121-windows-au.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-07 09:48

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-06-2017
Ran by Brdíci (15-06-2017 17:26:05)
Running from C:\Users\Brdíci\Desktop
Microsoft Windows 10 Pro Version 1607 (X86) (2016-10-12 16:27:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-529510219-857933644-3456723339-500 - Administrator - Disabled)
Brdíci (S-1-5-21-529510219-857933644-3456723339-1000 - Administrator - Enabled) => C:\Users\Brdíci
DefaultAccount (S-1-5-21-529510219-857933644-3456723339-503 - Limited - Disabled)
Guest (S-1-5-21-529510219-857933644-3456723339-501 - Limited - Disabled)
vladu (S-1-5-21-529510219-857933644-3456723339-1206 - Limited - Enabled)
zdenk (S-1-5-21-529510219-857933644-3456723339-1204 - Limited - Enabled) => C:\Users\zdenk

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Balíček ovladače systému Windows - AuthenTec Inc. (ATSwpWDF) Biometric (10/02/2008 8.1.2.37) (HKLM\...\A4680BD43717441189C52EBF2C4FD6B182EE1101) (Version: 10/02/2008 8.1.2.37 - AuthenTec Inc.)
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{FD417077-C2FE-46DB-942A-228179B308D5}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 18.0.448 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - TR (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (HKLM\...\_{86F23E59-06B3-432A-9D16-B6A4DF379571}) (Version: 18.1.0.661 - Corel Corporation)
CorelDRAW Graphics Suite X8 (Version: 18.1 - Corel Corporation) Hidden
CSGO WaRzOnE Launcher (HKLM\...\CSGO WaRzOnE Launcher 1.0) (Version: 1.0 - Warzone)
CSGO WaRzOnE Launcher (Version: 1.0 - Warzone) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.2.101.211 - Alps Electric)
DLL-Files.com Client (HKLM\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4462 - DLL-Files.com Client)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
HiSuite (HKLM\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
IPM_Common_x86 (Version: 2.2 - Your Company Name) Hidden
iTunes (HKLM\...\{558C7B3E-84D0-4215-96EA-29282037F69D}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
KA15 (HKLM\...\{778BD16C-83B0-418C-8972-068A56E74C5C}) (Version: 4.5.1 - Allianz pojišťovna, a.s.)
Microsoft Office Small Business 2007 (HKLM\...\SMALLBUSINESS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Mozilla Firefox 53.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 53.0.2 (x86 cs)) (Version: 53.0.2 - Mozilla)
Podpora aplikací Apple (32bitová) (HKLM\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Poradce, verze 1.55/1 (HKLM\...\Hledik - Poradce) (Version: 1.55/1 - )
ROBLOX Player for Brdíci (HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
SafeZone Stable 3.55.2393.607 (Version: 3.55.2393.607 - Avast Software) Hidden
Seznam Software (HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\SeznamInstall) (Version: - Seznam.cz)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Brdíci\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Users\Brdíci\AppData\Local\Roblox\Versions\version-b5da7e35345f4359\RobloxProxy.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Brdíci\AppData\Local\Roblox\Versions\version-b5da7e35345f4359\RobloxProxy64.dll (ROBLOX Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04D833C3-9F3F-46CE-BB53-3CD1E0231E76} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {086FDF3D-2035-481A-9A9D-EBB5B052547A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-10] (AVAST Software)
Task: {19E1D0D5-C5B1-4585-978B-BD03678F2191} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1AF04B77-F171-430D-9DD6-45FA57E863E2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {216B0741-D6D7-4486-A5AA-03CAC613907A} - System32\Tasks\{B67EABC5-D390-47CF-B439-94EDDC13C140} => pcalua.exe -a E:\setup.exe -d E:\
Task: {2438DECE-1A8E-4B60-8B0B-E34057E4977E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24FDBB51-0A2E-4B8E-961F-097BBF9E019A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {26BAF881-497A-4239-BF92-CA166EB2277B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {2B1E3A50-EEF9-48F9-AFAF-5123583046EB} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files\Corel\CUH\v2\CUH.exe [2016-06-24] (Corel Corporation)
Task: {356BABCF-CFF1-414E-82BD-EB555F70F408} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {421F7F45-DB6B-4C52-A1F8-ECDAF1B3F825} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4D79A09A-E903-4931-8980-F8A6CE77D2B8} - System32\Tasks\SafeZone scheduled Autoupdate 1463951370 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software)
Task: {4F111BFA-A476-41C2-8A70-31B806F89441} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4F72520E-814E-48E1-B2A3-0C9E19D3600A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {56B9261D-90F5-4E5B-ADCC-795CEEF634ED} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5707B345-1367-42F1-8CD4-6D8CF31743EB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5885F589-4F84-4371-9D2A-CDD7F75F1A80} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5D664E87-3E37-4DAF-A2CD-79C5207CD279} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {619D1F45-335F-492A-94A4-B5C30E62056D} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Brdíci\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {63BE0184-F699-421F-85A7-B1A3699C5FE7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {67603696-7AE7-405B-AC19-189E5A51BFA3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-10-20] (Google Inc.)
Task: {6F024134-D9C1-41F7-A532-E53F89B5FE9C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {778E1DC6-7265-4F89-AAA9-0BA0168F5663} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-10-20] (Google Inc.)
Task: {7D72C818-E49B-4C2A-91AF-05020DE734B7} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2012-12-23] ()
Task: {8752391E-0575-4E69-883F-D6876CB04274} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8AEB8D8B-A054-4431-8FD4-5626EB965C92} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {8DAD2D38-D9AF-407E-A6F9-CDCB8EA6C5EA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8E63FC62-B9DA-42CC-8F83-C29468F53FAD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {931F7CCB-BAAE-4185-BCA0-BD69548C454C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {98E02F38-685F-49EB-9B7F-D6DD1797DAEB} - System32\Tasks\{6D850D9F-34E4-4046-9204-7E11582C138C} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {A0E41695-4A49-44A3-A365-6A831AC7B30E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A18DDA29-3B39-434F-A513-60D604CA7A51} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6FE1FAB-0CC0-46ED-B120-FB944AB8C97E} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {ABA2904B-4FD2-4111-8CE1-8BF1FD9678C1} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {B07D1E58-7D2B-477B-BA24-BF9767128D2D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {B1374992-5CB9-4406-A011-58F3AC1E888B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B2B00700-9804-4151-8DE8-DE8E930F0817} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B5C990B1-0AD8-462F-83C8-B6C966599C40} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B69A5D65-A726-454C-85B8-8A280D9A03EF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B868DEAC-C12F-4160-8E6E-FA6844A58239} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-17] (AVAST Software)
Task: {C224BCED-C350-4C88-A8E8-B6A9C445595C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7C52BEA-FC0A-4F52-AEF1-15C3E550BE8D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-13] (Adobe Systems Incorporated)
Task: {D778BB83-C085-4EB2-82E3-5C082135E826} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D7F9B4E4-105E-4F29-B4D8-1243D9F1204A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB6BCA33-95D1-46AF-A593-5742B3611ECE} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB753457-8587-4390-997D-BD32AB07E365} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\zdenk\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {E0D9661C-874D-460C-BC51-01B98CC6787A} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {ED748C2F-1047-40E2-B70F-F44A54C507BA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {EDD2304E-7F03-4585-94DD-47EA8E2B7F8C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {EE49BAC7-696B-4930-98C0-600D308620AC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F952660F-1B0C-4C54-B019-6095FD97BD77} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {FAF5EB2B-B91B-40F3-9B19-4E83F6B911A6} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FF7BDD5A-8E07-48C2-B053-67AB7F7E0153} - System32\Tasks\AVAST Software\Avast upgrade utility => C:\Program Files\Common Files\AV\avast! Antivirus\upgrade.exe [2017-04-17] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-03 20:06 - 2016-05-25 12:53 - 00155336 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
2016-07-05 15:24 - 2016-07-05 15:24 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-18 22:12 - 2013-07-11 16:50 - 00116032 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
2016-07-16 10:25 - 2016-07-16 10:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-12 11:41 - 2017-04-28 02:56 - 02048488 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-12 18:33 - 2016-10-12 18:33 - 01383616 _____ () C:\Users\Brdíci\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-07-16 10:25 - 2016-07-16 10:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 10:15 - 2017-03-04 08:24 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 10:08 - 2017-03-04 08:04 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 10:08 - 2017-03-04 07:58 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-12 18:30 - 2016-10-12 18:30 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-12 11:40 - 2017-04-28 01:52 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-12 11:40 - 2017-04-28 01:55 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2017-01-18 19:07 - 00000144 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-529510219-857933644-3456723339-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 77.237.128.2 - 77.237.128.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{799A1B5B-C5BA-48A1-AAC8-4209F70A1BE0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{906F1BC2-0848-44C1-B676-F543F6EA28B5}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{7E02E881-5ED4-4E1D-8528-E1DB2FF03C3C}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{FBC1F048-E0A1-4F8E-80A2-8648B6DB587E}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{FC79D89D-2C4C-44E3-A051-5CE82E0626BA}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{71421373-41DA-4DB0-9109-76FB5B83E5B9}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{7D31EBC3-23EC-41AA-8E59-97C38DEAFD9E}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{A373BE1E-5EF0-4C2D-A3B7-9E02497DD14E}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{44D81A39-87A9-4759-984C-198D7B9EB866}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{53883B0D-B5B1-42B8-BFAB-DCE13E60B272}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{E8612321-EE37-4A50-8C11-A3D82A625ECE}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{B3C2AA0D-67F7-4142-91FE-E553ADC2564A}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{506E4AB0-3D34-41B8-9A2A-3BE8B70DBA25}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{8C507C59-9891-4269-B9EA-3FC25D3F3F88}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{278150C5-9246-4C7D-970F-799D41FDC2A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4DB8A8EA-8E23-415B-9CED-96019D5DC8E5}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{118B5341-3C75-4293-83C0-E999EFCC7EF0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{2DE46224-B302-4CFB-B534-A3C9D701EB49}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{65E8BFF8-AA88-4F0D-A376-281A796E8BF6}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{432F9B75-B021-4D92-952D-CCCAC4935ECA}] => (Allow) C:\Program Files\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{710862C5-E85E-4B9E-A4B7-689C0349421B}] => (Allow) C:\Program Files\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{C8EB7BD3-0E8E-40AC-9498-00D0431911E7}] => (Allow) C:\Program Files\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{47899385-FF89-454C-AB11-876321ACE5A3}] => (Allow) C:\Program Files\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{D593A321-ED1C-4793-B06B-78A5BD52A2F9}] => (Allow) C:\Program Files\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{82E70941-89F8-43AA-92FA-8E476D80CDA8}] => (Allow) C:\Program Files\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{14D07646-774A-4D0D-81ED-7B5896589252}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{63B3ABD0-647C-4B1D-BDE5-D5CB7A048EBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B9CF2BF4-B8D1-4B02-A1BF-D5475992C6D2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E964E6B-5CF8-475F-AA6B-108D2FF84655}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C1B07F66-887E-45B9-8FFE-2F3A84102DF2}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A627FEA5-6C1A-42B1-9253-684356433B78}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{376AC19F-4217-4A79-8DE6-C7D03D3D5D55}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{522C2DB2-C5D1-4FBB-B379-267F9F2ED7AC}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D44F7B79-8D01-4EAD-A125-A04D9EE43255}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs\CorelDrw.exe
FirewallRules: [{2AFF3020-96DB-411C-A1CC-BECEF1699B5F}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs\CorelPP.exe
FirewallRules: [TCP Query User{B9BACD1D-5D34-4B4E-8C32-04F9402D0470}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [UDP Query User{52790459-7071-4324-8602-9DFD0415BAEA}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [{AB569ADC-7845-4DE1-BC6F-E10316A1BDC8}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe
FirewallRules: [{714D5343-90E9-46A9-8CA3-FEF25A9B1B41}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{E1B06853-8A1F-4844-9415-D59DD0C1D037}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe

==================== Restore Points =========================

30-05-2017 08:45:49 Windows Update
02-06-2017 10:51:55 Windows Update
06-06-2017 10:06:05 Windows Update
12-06-2017 20:36:30 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/15/2017 05:00:23 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 05:00:23 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 05:00:23 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 03:05:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15468

Error: (06/15/2017 03:05:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15468

Error: (06/15/2017 03:05:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/15/2017 11:19:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.14393.1198 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1878

Čas spuštění: 01d2e5b7d41331a5

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 97b8d6f8-51ab-11e7-a6da-002219def3ba

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (06/15/2017 11:15:26 AM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {2CD39202-3A2F-4935-9A86-65B919919A7F} byla odmítnuta.

Error: (06/15/2017 11:15:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.14393.1198 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2d4c

Čas spuštění: 01d2e5b4a7564554

Čas ukončení: 11802

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 0f932783-51ab-11e7-a6da-002219def3ba

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (06/15/2017 10:53:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.14393.1198 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1cc4

Čas spuštění: 01d2e5b0cc4af914

Čas ukončení: 60000

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: e28e41cf-51a7-11e7-a6da-002219def3ba

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:


System errors:
=============
Error: (06/15/2017 05:00:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba CDPUserSvc_139e050 byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (06/15/2017 03:05:01 PM) (Source: DCOM) (EventID: 10010) (User: Brdíci-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/15/2017 03:05:00 PM) (Source: DCOM) (EventID: 10010) (User: Brdíci-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/15/2017 03:05:00 PM) (Source: DCOM) (EventID: 10010) (User: Brdíci-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/15/2017 03:05:00 PM) (Source: DCOM) (EventID: 10010) (User: Brdíci-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/15/2017 03:05:00 PM) (Source: DCOM) (EventID: 10010) (User: Brdíci-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/15/2017 03:05:00 PM) (Source: DCOM) (EventID: 10010) (User: Brdíci-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/15/2017 03:05:00 PM) (Source: DCOM) (EventID: 10010) (User: Brdíci-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/15/2017 03:04:59 PM) (Source: DCOM) (EventID: 10010) (User: Brdíci-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/15/2017 03:04:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================
Date: 2017-06-15 08:51:54.460
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.415
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.324
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.140
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.093
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.054
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:51.110
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:49.844
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-16 19:52:21.291
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-16 19:52:21.246
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
Percentage of memory in use: 40%
Total physical RAM: 3032.85 MB
Available physical RAM: 1806.71 MB
Total Virtual: 6104.85 MB
Available Virtual: 4770.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.04 GB) (Free:70.15 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:151.6 GB) (Free:133.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 00000080)
Partition 1: (Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)
Partition 3: (Not Active) - (Size=151.6 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Vyčištění notebooku od havěti

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
brdic
Návštěvník
Návštěvník
Příspěvky: 109
Registrován: 13 bře 2005 22:00

Re: Vyčištění notebooku od havěti

#3 Příspěvek od brdic »

Udělal jsem to, našlo to 5 hrozeb, ale bohužel log se mi nezobrazil, protože je nějaký problém s adobe. Log jsem následně našel i ve výpisu logů, ale opět nelze otevřít.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Vyčištění notebooku od havěti

#4 Příspěvek od Rudy »

Pokud jste je smazal, dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
brdic
Návštěvník
Návštěvník
Příspěvky: 109
Registrován: 13 bře 2005 22:00

Re: Vyčištění notebooku od havěti

#5 Příspěvek od brdic »

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-06-2017 01
Ran by Brdíci (15-06-2017 21:37:11)
Running from C:\Users\Brdíci\Desktop
Microsoft Windows 10 Pro Version 1607 (X86) (2016-10-12 16:27:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-529510219-857933644-3456723339-500 - Administrator - Disabled)
Brdíci (S-1-5-21-529510219-857933644-3456723339-1000 - Administrator - Enabled) => C:\Users\Brdíci
DefaultAccount (S-1-5-21-529510219-857933644-3456723339-503 - Limited - Disabled)
Guest (S-1-5-21-529510219-857933644-3456723339-501 - Limited - Disabled)
vladu (S-1-5-21-529510219-857933644-3456723339-1206 - Limited - Enabled)
zdenk (S-1-5-21-529510219-857933644-3456723339-1204 - Limited - Enabled) => C:\Users\zdenk

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Balíček ovladače systému Windows - AuthenTec Inc. (ATSwpWDF) Biometric (10/02/2008 8.1.2.37) (HKLM\...\A4680BD43717441189C52EBF2C4FD6B182EE1101) (Version: 10/02/2008 8.1.2.37 - AuthenTec Inc.)
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{FD417077-C2FE-46DB-942A-228179B308D5}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 18.0.448 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - TR (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (HKLM\...\_{86F23E59-06B3-432A-9D16-B6A4DF379571}) (Version: 18.1.0.661 - Corel Corporation)
CorelDRAW Graphics Suite X8 (Version: 18.1 - Corel Corporation) Hidden
CSGO WaRzOnE Launcher (HKLM\...\CSGO WaRzOnE Launcher 1.0) (Version: 1.0 - Warzone)
CSGO WaRzOnE Launcher (Version: 1.0 - Warzone) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.2.101.211 - Alps Electric)
DLL-Files.com Client (HKLM\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4462 - DLL-Files.com Client)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
HiSuite (HKLM\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
IPM_Common_x86 (Version: 2.2 - Your Company Name) Hidden
iTunes (HKLM\...\{558C7B3E-84D0-4215-96EA-29282037F69D}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
KA15 (HKLM\...\{778BD16C-83B0-418C-8972-068A56E74C5C}) (Version: 4.5.1 - Allianz pojišťovna, a.s.)
Microsoft Office Small Business 2007 (HKLM\...\SMALLBUSINESS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 cs) (HKLM\...\Mozilla Firefox 53.0.3 (x86 cs)) (Version: 53.0.3 - Mozilla)
Podpora aplikací Apple (32bitová) (HKLM\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Poradce, verze 1.55/1 (HKLM\...\Hledik - Poradce) (Version: 1.55/1 - )
ROBLOX Player for Brdíci (HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
SafeZone Stable 3.55.2393.607 (Version: 3.55.2393.607 - Avast Software) Hidden
Seznam Software (HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\SeznamInstall) (Version: - Seznam.cz)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Brdíci\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Users\Brdíci\AppData\Local\Roblox\Versions\version-b5da7e35345f4359\RobloxProxy.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Brdíci\AppData\Local\Roblox\Versions\version-b5da7e35345f4359\RobloxProxy64.dll (ROBLOX Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04D833C3-9F3F-46CE-BB53-3CD1E0231E76} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {086FDF3D-2035-481A-9A9D-EBB5B052547A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-10] (AVAST Software)
Task: {19E1D0D5-C5B1-4585-978B-BD03678F2191} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1AF04B77-F171-430D-9DD6-45FA57E863E2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B487F18-D971-4EF6-8C32-2100A7F393D1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {216B0741-D6D7-4486-A5AA-03CAC613907A} - System32\Tasks\{B67EABC5-D390-47CF-B439-94EDDC13C140} => pcalua.exe -a E:\setup.exe -d E:\
Task: {2438DECE-1A8E-4B60-8B0B-E34057E4977E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24FDBB51-0A2E-4B8E-961F-097BBF9E019A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {26BAF881-497A-4239-BF92-CA166EB2277B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {2B1E3A50-EEF9-48F9-AFAF-5123583046EB} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files\Corel\CUH\v2\CUH.exe [2016-06-24] (Corel Corporation)
Task: {356BABCF-CFF1-414E-82BD-EB555F70F408} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {421F7F45-DB6B-4C52-A1F8-ECDAF1B3F825} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4D79A09A-E903-4931-8980-F8A6CE77D2B8} - System32\Tasks\SafeZone scheduled Autoupdate 1463951370 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software)
Task: {4F111BFA-A476-41C2-8A70-31B806F89441} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4F72520E-814E-48E1-B2A3-0C9E19D3600A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {56B9261D-90F5-4E5B-ADCC-795CEEF634ED} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5707B345-1367-42F1-8CD4-6D8CF31743EB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5885F589-4F84-4371-9D2A-CDD7F75F1A80} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5D664E87-3E37-4DAF-A2CD-79C5207CD279} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {619D1F45-335F-492A-94A4-B5C30E62056D} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Brdíci\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {63BE0184-F699-421F-85A7-B1A3699C5FE7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {67603696-7AE7-405B-AC19-189E5A51BFA3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-10-20] (Google Inc.)
Task: {6F024134-D9C1-41F7-A532-E53F89B5FE9C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {778E1DC6-7265-4F89-AAA9-0BA0168F5663} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-10-20] (Google Inc.)
Task: {7D72C818-E49B-4C2A-91AF-05020DE734B7} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2012-12-23] ()
Task: {8752391E-0575-4E69-883F-D6876CB04274} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8AEB8D8B-A054-4431-8FD4-5626EB965C92} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {8DAD2D38-D9AF-407E-A6F9-CDCB8EA6C5EA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8E63FC62-B9DA-42CC-8F83-C29468F53FAD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {931F7CCB-BAAE-4185-BCA0-BD69548C454C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {98E02F38-685F-49EB-9B7F-D6DD1797DAEB} - System32\Tasks\{6D850D9F-34E4-4046-9204-7E11582C138C} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {A0E41695-4A49-44A3-A365-6A831AC7B30E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A18DDA29-3B39-434F-A513-60D604CA7A51} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6FE1FAB-0CC0-46ED-B120-FB944AB8C97E} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {ABA2904B-4FD2-4111-8CE1-8BF1FD9678C1} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {B1374992-5CB9-4406-A011-58F3AC1E888B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B2B00700-9804-4151-8DE8-DE8E930F0817} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B5C990B1-0AD8-462F-83C8-B6C966599C40} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B69A5D65-A726-454C-85B8-8A280D9A03EF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B868DEAC-C12F-4160-8E6E-FA6844A58239} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-17] (AVAST Software)
Task: {C224BCED-C350-4C88-A8E8-B6A9C445595C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7C52BEA-FC0A-4F52-AEF1-15C3E550BE8D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-13] (Adobe Systems Incorporated)
Task: {D778BB83-C085-4EB2-82E3-5C082135E826} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D7F9B4E4-105E-4F29-B4D8-1243D9F1204A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB6BCA33-95D1-46AF-A593-5742B3611ECE} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB753457-8587-4390-997D-BD32AB07E365} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\zdenk\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {E0D9661C-874D-460C-BC51-01B98CC6787A} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {ED748C2F-1047-40E2-B70F-F44A54C507BA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {EDD2304E-7F03-4585-94DD-47EA8E2B7F8C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {EE49BAC7-696B-4930-98C0-600D308620AC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F952660F-1B0C-4C54-B019-6095FD97BD77} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {FAF5EB2B-B91B-40F3-9B19-4E83F6B911A6} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FF7BDD5A-8E07-48C2-B053-67AB7F7E0153} - System32\Tasks\AVAST Software\Avast upgrade utility => C:\Program Files\Common Files\AV\avast! Antivirus\upgrade.exe [2017-04-17] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 10:25 - 2016-07-16 10:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-12 11:41 - 2017-04-28 02:56 - 02048488 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-03 20:06 - 2016-05-25 12:53 - 00155336 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
2013-07-18 22:12 - 2013-07-11 16:50 - 00116032 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
2016-07-05 15:24 - 2016-07-05 15:24 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-12 18:33 - 2016-10-12 18:33 - 01383616 _____ () C:\Users\Brdíci\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-07-16 10:25 - 2016-07-16 10:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 10:15 - 2017-03-04 08:24 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 10:08 - 2017-03-04 08:04 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 10:08 - 2017-03-04 07:58 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-12 18:30 - 2016-10-12 18:30 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-12 11:40 - 2017-04-28 01:52 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-12 11:40 - 2017-04-28 01:55 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-10 07:32 - 2017-05-10 07:32 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-04-05 02:38 - 2017-04-05 02:38 - 23772240 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-12-23 20:10 - 2016-12-23 20:10 - 00323152 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2017-04-05 02:38 - 2017-04-05 02:38 - 69743184 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2017-01-18 19:07 - 00000144 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-529510219-857933644-3456723339-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 77.237.128.2 - 77.237.128.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{799A1B5B-C5BA-48A1-AAC8-4209F70A1BE0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{906F1BC2-0848-44C1-B676-F543F6EA28B5}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{7E02E881-5ED4-4E1D-8528-E1DB2FF03C3C}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{FBC1F048-E0A1-4F8E-80A2-8648B6DB587E}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{FC79D89D-2C4C-44E3-A051-5CE82E0626BA}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{71421373-41DA-4DB0-9109-76FB5B83E5B9}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{7D31EBC3-23EC-41AA-8E59-97C38DEAFD9E}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{A373BE1E-5EF0-4C2D-A3B7-9E02497DD14E}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{44D81A39-87A9-4759-984C-198D7B9EB866}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{53883B0D-B5B1-42B8-BFAB-DCE13E60B272}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{E8612321-EE37-4A50-8C11-A3D82A625ECE}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{B3C2AA0D-67F7-4142-91FE-E553ADC2564A}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{506E4AB0-3D34-41B8-9A2A-3BE8B70DBA25}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{8C507C59-9891-4269-B9EA-3FC25D3F3F88}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{278150C5-9246-4C7D-970F-799D41FDC2A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4DB8A8EA-8E23-415B-9CED-96019D5DC8E5}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{118B5341-3C75-4293-83C0-E999EFCC7EF0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{2DE46224-B302-4CFB-B534-A3C9D701EB49}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{65E8BFF8-AA88-4F0D-A376-281A796E8BF6}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{432F9B75-B021-4D92-952D-CCCAC4935ECA}] => (Allow) C:\Program Files\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{710862C5-E85E-4B9E-A4B7-689C0349421B}] => (Allow) C:\Program Files\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{C8EB7BD3-0E8E-40AC-9498-00D0431911E7}] => (Allow) C:\Program Files\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{47899385-FF89-454C-AB11-876321ACE5A3}] => (Allow) C:\Program Files\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{D593A321-ED1C-4793-B06B-78A5BD52A2F9}] => (Allow) C:\Program Files\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{82E70941-89F8-43AA-92FA-8E476D80CDA8}] => (Allow) C:\Program Files\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{14D07646-774A-4D0D-81ED-7B5896589252}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{63B3ABD0-647C-4B1D-BDE5-D5CB7A048EBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B9CF2BF4-B8D1-4B02-A1BF-D5475992C6D2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E964E6B-5CF8-475F-AA6B-108D2FF84655}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C1B07F66-887E-45B9-8FFE-2F3A84102DF2}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A627FEA5-6C1A-42B1-9253-684356433B78}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{376AC19F-4217-4A79-8DE6-C7D03D3D5D55}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{522C2DB2-C5D1-4FBB-B379-267F9F2ED7AC}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D44F7B79-8D01-4EAD-A125-A04D9EE43255}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs\CorelDrw.exe
FirewallRules: [{2AFF3020-96DB-411C-A1CC-BECEF1699B5F}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs\CorelPP.exe
FirewallRules: [TCP Query User{B9BACD1D-5D34-4B4E-8C32-04F9402D0470}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [UDP Query User{52790459-7071-4324-8602-9DFD0415BAEA}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [{AB569ADC-7845-4DE1-BC6F-E10316A1BDC8}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe
FirewallRules: [{714D5343-90E9-46A9-8CA3-FEF25A9B1B41}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{E1B06853-8A1F-4844-9415-D59DD0C1D037}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe

==================== Restore Points =========================

30-05-2017 08:45:49 Windows Update
02-06-2017 10:51:55 Windows Update
06-06-2017 10:06:05 Windows Update
12-06-2017 20:36:30 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/15/2017 08:41:41 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:41 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:41 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:41 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:37 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:37 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:37 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:37 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:37 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:34 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)


System errors:
=============
Error: (06/15/2017 08:56:35 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače VLAĎUS,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{F047863A-1889-4446-81D2-BF07641E6F4.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (06/15/2017 08:15:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): Hewlett-Packard - Imaging - Null Print - HP Deskjet 3520 series.

Error: (06/15/2017 07:41:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba CDPUserSvc_21428 byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (06/15/2017 07:40:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
%%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (06/15/2017 07:39:26 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056 = Instance této služby je již spuštěna.

Error: (06/15/2017 07:38:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (06/15/2017 07:38:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Řízení front zpráv byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (06/15/2017 07:38:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HiSuiteOuc.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/15/2017 07:38:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/15/2017 07:38:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2017-06-15 08:51:54.460
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.415
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.324
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.140
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.093
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.054
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:51.110
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:49.844
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-16 19:52:21.291
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-16 19:52:21.246
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
Percentage of memory in use: 50%
Total physical RAM: 3032.85 MB
Available physical RAM: 1492.93 MB
Total Virtual: 6104.85 MB
Available Virtual: 4458.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.04 GB) (Free:70.03 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:151.6 GB) (Free:133.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 00000080)
Partition 1: (Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)
Partition 3: (Not Active) - (Size=151.6 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-06-2017 01
Ran by Brdíci (administrator) on BRDÍCI-PC (15-06-2017 21:35:51)
Running from C:\Users\Brdíci\Desktop
Loaded Profiles: Brdíci (Available Profiles: Brdíci & zdenk & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_4c73f4a9a59a84bb\stacsv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_4c73f4a9a59a84bb\AEstSrv.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483428 2009-03-16] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [200704 2008-08-01] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-10] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-07-26] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1086376 2012-08-03] (Nokia)
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Brdíci\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Brdíci\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-05-10] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 77.237.128.2 77.237.128.1
Tcpip\..\Interfaces\{2213107e-f9a7-4c52-bd47-1967af1ac80f}: [DhcpNameServer] 176.107.120.35 176.107.120.42
Tcpip\..\Interfaces\{f047863a-1889-4446-81d2-bf07641e6f4e}: [DhcpNameServer] 77.237.128.2 77.237.128.1

Internet Explorer:
==================
HKU\S-1-5-21-529510219-857933644-3456723339-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {068E70B5-42CB-421B-AEC1-774902ABFE57} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {1879FF1C-F09E-458F-AD59-EDE77CBB52F7} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {1A543F3B-2703-4229-9883-2530ECB5F8BA} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {30891B69-791C-48F3-A895-222E11D2B26D} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {40E1742A-2ECB-478A-9338-BE2BF0ABC09A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {52607051-57A0-43D0-ABCD-EE06819BDFA0} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {A4A218D6-CE39-4339-B3F2-3CB4115783DD} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {A74A5B07-8082-44C2-8D34-FCDBA933623B} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {E06A9E9C-BCBC-4CE8-9385-BF8A10596C06} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-17] (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default [2017-06-15]
FF user.js: detected! => C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default\user.js [2014-09-20]
FF Homepage: Mozilla\Firefox\Profiles\budn51vn.default -> hxxp://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\budn51vn.default -> type", 0
FF Extension: (Widevine Media Optimizer) - C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2016-01-13] [not signed]
FF Extension: (Seznam lištička) - C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-05-18]
FF SearchPlugin: C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default\searchplugins\firmycz.xml [2015-10-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-13] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-08-03] ( )
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-12-04] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-529510219-857933644-3456723339-1000: @nsroblox.roblox.com/launcher -> C:\Users\Brdíci\AppData\Local\Roblox\Versions\version-b5da7e35345f4359\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-529510219-857933644-3456723339-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Brdíci\AppData\Local\Roblox\Versions\version-b5da7e35345f4359\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-529510219-857933644-3456723339-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Brdíci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-05-07] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-11-16]

Chrome:
=======
CHR Profile: C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default [2016-10-27]
CHR Extension: (Prezentace Google) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-25]
CHR Extension: (Dokumenty Google) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-25]
CHR Extension: (Disk Google) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-25]
CHR Extension: (YouTube) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-25]
CHR Extension: (Avast SafePrice) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-10-25]
CHR Extension: (Tabulky Google) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-25]
CHR Extension: (Avast Online Security) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-25]
CHR Extension: (Gmail) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_4c73f4a9a59a84bb\aestsrv.exe [81920 2009-03-16] (Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5732136 2017-05-10] (AVAST Software s.r.o.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1668344 2008-10-16] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-10] (AVAST Software)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [116032 2013-07-11] ()
R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [155336 2016-05-25] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-10-12] (Microsoft Corporation)
R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_4c73f4a9a59a84bb\STacSV.exe [254042 2009-03-16] (IDT, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271488 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84920 2017-04-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriverx.sys [258288 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidshx.sys [148696 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswblogx.sys [268016 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbunivx.sys [41664 2017-05-10] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [65344 2016-12-20] (AVAST Software)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34136 2017-05-10] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [31064 2017-05-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [107928 2017-05-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [90336 2017-05-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [62152 2017-05-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [764576 2017-05-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [482608 2017-05-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [115152 2017-05-16] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [279800 2017-05-10] (AVAST Software)
R3 BTDriver; C:\WINDOWS\system32\DRIVERS\btport.sys [37160 2008-02-05] (Broadcom Corporation.)
R3 btkrnl; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [990632 2008-04-15] (Broadcom Corporation.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2013-11-23] (Disc Soft Ltd)
R3 itecir; C:\WINDOWS\system32\DRIVERS\itecir.sys [84600 2015-11-24] (ITE Tech. Inc. )
R3 ITECIRfilter; C:\WINDOWS\system32\DRIVERS\ITECIRfilter.sys [34000 2015-11-24] (ITE Tech. Inc. )
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7518208 2016-07-16] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-15 20:05 - 2017-06-15 20:05 - 38624400 _____ (Adobe Systems Incorporated) C:\Users\Brdíci\Desktop\AdbeRdr11000_cs_CZ.exe
2017-06-15 20:05 - 2017-06-15 20:05 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-15 19:48 - 2017-06-15 19:48 - 00002094 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-06-15 19:35 - 2017-06-15 19:35 - 04110280 _____ C:\Users\Brdíci\Desktop\adwcleaner_6.047.exe
2017-06-15 17:24 - 2017-06-15 21:35 - 00000000 ____D C:\Users\Brdíci\Desktop\FRST-OlderVersion
2017-06-15 11:24 - 2017-06-15 11:23 - 00043011 _____ C:\Users\zdenk\Desktop\předpis - kopie.pdf
2017-06-15 11:23 - 2017-06-15 11:23 - 00043011 _____ C:\Users\zdenk\Desktop\předpis.pdf
2017-06-15 11:18 - 2017-06-15 11:18 - 00036712 _____ C:\Users\zdenk\Desktop\575242495.pdf
2017-06-15 11:18 - 2017-06-15 11:18 - 00036712 _____ C:\Users\zdenk\Desktop\575242495 - kopie.pdf
2017-06-15 10:58 - 2017-06-15 10:57 - 00246608 _____ C:\Users\zdenk\Desktop\DAGetDocument - kopie.pdf
2017-06-15 10:57 - 2017-06-15 10:57 - 00246608 _____ C:\Users\zdenk\Desktop\DAGetDocument.pdf
2017-06-15 10:34 - 2017-06-15 10:34 - 00246608 _____ C:\Users\zdenk\Desktop\pan Horáček.pdf
2017-06-15 10:29 - 2017-06-15 10:30 - 03396071 _____ C:\Users\zdenk\Desktop\kmen 2017 terka.xlsx
2017-06-14 22:38 - 2017-06-15 17:26 - 00041155 _____ C:\Users\Brdíci\Desktop\Addition.txt
2017-06-14 22:36 - 2017-06-15 21:36 - 00017081 _____ C:\Users\Brdíci\Desktop\FRST.txt
2017-06-14 22:16 - 2017-06-14 22:16 - 00001450 _____ C:\AdwCleaner[R3].txt
2017-06-14 22:14 - 2017-06-14 22:15 - 00001390 _____ C:\AdwCleaner[R2].txt
2017-06-14 22:00 - 2017-06-14 22:01 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-14 21:29 - 2017-06-03 12:22 - 00231776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 21:29 - 2017-06-03 12:03 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 21:29 - 2017-06-03 11:58 - 00154976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 21:29 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-14 21:29 - 2017-06-03 11:54 - 00290656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-14 21:29 - 2017-06-03 11:43 - 01964384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 21:29 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 21:29 - 2017-06-03 11:32 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 21:29 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-06-14 21:29 - 2017-06-03 11:30 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 21:29 - 2017-06-03 11:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 21:29 - 2017-06-03 11:25 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 21:29 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 21:29 - 2017-06-03 11:06 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-14 21:29 - 2017-06-03 11:04 - 01889792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-14 21:29 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 21:29 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 21:29 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 01336160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00514400 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00455000 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00284000 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00254816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00083296 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-14 21:28 - 2017-06-03 12:50 - 00030560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-14 21:28 - 2017-06-03 12:15 - 00099672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 21:28 - 2017-06-03 12:13 - 05996384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 21:28 - 2017-06-03 12:13 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-14 21:28 - 2017-06-03 12:03 - 00950112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-14 21:28 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 21:28 - 2017-06-03 11:55 - 01896288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 21:28 - 2017-06-03 11:55 - 00342368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-14 21:28 - 2017-06-03 11:53 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 21:28 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-14 21:28 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-14 21:28 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-14 21:28 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 21:28 - 2017-06-03 11:48 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-14 21:28 - 2017-06-03 11:44 - 01409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 21:28 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 21:28 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 21:28 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 21:28 - 2017-06-03 11:31 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 21:28 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 21:28 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-14 21:28 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-14 21:28 - 2017-06-03 11:25 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-14 21:28 - 2017-06-03 11:25 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 21:28 - 2017-06-03 11:25 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-14 21:28 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 21:28 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-14 21:28 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-14 21:28 - 2017-06-03 11:22 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-14 21:28 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2017-06-14 21:28 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-14 21:28 - 2017-06-03 11:20 - 00668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 21:28 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-14 21:28 - 2017-06-03 11:16 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 21:28 - 2017-06-03 11:16 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 21:28 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 21:28 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 21:28 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-14 21:28 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 21:28 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 21:28 - 2017-06-03 11:05 - 01236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 21:28 - 2017-06-03 11:05 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-14 21:28 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-14 21:28 - 2017-06-03 11:05 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-14 21:28 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 21:28 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 21:28 - 2017-06-03 11:04 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 21:28 - 2017-06-03 11:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 21:28 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 21:28 - 2017-06-02 09:35 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-06-14 21:28 - 2017-05-25 08:56 - 00034144 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-14 21:28 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-06-14 21:28 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-06-14 11:50 - 2017-06-14 11:50 - 00000000 ____D C:\Users\zdenk\AppData\Roaming\Corel
2017-06-14 11:30 - 2017-06-14 11:30 - 00067825 _____ C:\Users\zdenk\Desktop\20170614112316730.pdf
2017-06-13 10:37 - 2017-06-13 11:34 - 00027841 _____ C:\Users\zdenk\Desktop\MA 08.xlsx
2017-06-07 11:47 - 2017-06-07 11:19 - 00012384 _____ C:\Users\zdenk\Desktop\POV přepočty 7-14 do 9-14 - kopie.xlsx
2017-06-07 11:19 - 2017-06-07 12:11 - 00012444 _____ C:\Users\zdenk\Desktop\POV přepočty 7-14 do 9-14.xlsx
2017-06-07 11:14 - 2017-06-07 11:14 - 00000000 ____D C:\Users\zdenk\Desktop\přepočty
2017-06-07 09:23 - 2017-06-07 09:23 - 00055160 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-06 10:39 - 2017-06-06 10:40 - 00000000 ____D C:\Users\zdenk\Desktop\FOTKY
2017-05-31 10:01 - 2017-05-31 10:01 - 00280070 _____ C:\Users\zdenk\Documents\Scan0003.pdf
2017-05-16 17:45 - 2017-06-03 08:36 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-05-16 17:45 - 2017-06-03 08:36 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-15 21:35 - 2016-10-26 18:51 - 00000000 ____D C:\FRST
2017-06-15 21:35 - 2016-10-26 18:49 - 01777152 _____ (Farbar) C:\Users\Brdíci\Desktop\FRST.exe
2017-06-15 20:08 - 2016-11-22 18:45 - 00000000 ____D C:\Users\Brdíci\AppData\LocalLow\Mozilla
2017-06-15 19:54 - 2016-10-26 20:17 - 00000000 ____D C:\AdwCleaner
2017-06-15 19:48 - 2016-03-18 23:24 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-06-15 19:45 - 2016-10-12 17:47 - 02752526 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-15 19:45 - 2016-07-16 19:01 - 01084000 _____ C:\WINDOWS\system32\perfh005.dat
2017-06-15 19:45 - 2016-07-16 19:01 - 00282812 _____ C:\WINDOWS\system32\perfc005.dat
2017-06-15 19:40 - 2016-11-20 14:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-06-15 19:40 - 2016-10-12 18:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-15 19:40 - 2012-07-08 10:29 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-06-15 19:39 - 2016-07-16 04:22 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-06-15 19:38 - 2012-07-07 23:37 - 00000000 ____D C:\ProgramData\ICQ
2017-06-15 17:01 - 2016-07-16 10:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-15 17:01 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-15 15:05 - 2016-06-22 21:12 - 00000000 ___RD C:\Users\zdenk\Desktop\OneDrive
2017-06-15 10:24 - 2016-02-13 14:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-15 00:40 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\rescache
2017-06-14 22:39 - 2016-07-16 10:28 - 00000000 ____D C:\WINDOWS\INF
2017-06-14 22:03 - 2016-10-12 17:39 - 00422176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 22:01 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 22:00 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-14 21:53 - 2016-10-12 17:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-14 21:47 - 2013-08-14 23:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 21:36 - 2016-07-16 10:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-14 21:36 - 2012-07-08 01:53 - 130903960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 11:49 - 2016-10-20 09:36 - 00000000 ____D C:\Users\zdenk\AppData\Local\Google
2017-06-14 08:01 - 2016-06-22 20:56 - 00002387 _____ C:\Users\zdenk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-13 20:32 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-07 11:15 - 2016-06-27 10:28 - 00000000 ____D C:\Users\zdenk\Desktop\Generali
2017-06-06 10:40 - 2016-10-04 08:58 - 00000000 ____D C:\Users\zdenk\Desktop\mamka
2017-06-02 07:34 - 2016-05-22 23:09 - 00001197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-18 23:06 - 2016-10-12 17:48 - 00000000 ____D C:\Users\Brdíci
2017-05-18 14:33 - 2017-02-18 12:51 - 00852024 _____ (ROBLOX Corporation) C:\Users\Brdíci\Desktop\RobloxPlayerLauncher.exe
2017-05-18 14:28 - 2017-01-15 14:53 - 00000000 ____D C:\Users\Brdíci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-05-18 14:26 - 2016-05-17 23:39 - 00000000 ____D C:\Users\Brdíci\AppData\Local\Packages
2017-05-16 17:46 - 2012-07-07 20:52 - 00430248 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-16 17:44 - 2016-07-16 04:22 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-16 17:39 - 2016-07-16 04:22 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-16 14:25 - 2016-10-20 09:40 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-16 09:20 - 2014-08-01 16:01 - 00115152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys

==================== Files in the root of some directories =======

2014-01-20 22:19 - 2014-01-20 22:23 - 0004608 _____ () C:\Users\Brdíci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-22 23:43 - 2012-12-22 23:43 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
2016-10-25 23:19 - 2016-10-25 23:19 - 0001536 _____ () C:\Users\Brdíci\AppData\Local\Temp\NOSEventMessages.dll
2017-04-17 18:52 - 2017-04-17 18:52 - 0739904 _____ (Oracle Corporation) C:\Users\zdenk\AppData\Local\Temp\jre-8u121-windows-au.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-07 09:48

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Vyčištění notebooku od havěti

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
Task: {04D833C3-9F3F-46CE-BB53-3CD1E0231E76} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {19E1D0D5-C5B1-4585-978B-BD03678F2191} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {216B0741-D6D7-4486-A5AA-03CAC613907A} - System32\Tasks\{B67EABC5-D390-47CF-B439-94EDDC13C140} => pcalua.exe -a E:\setup.exe -d E:\
ask: {24FDBB51-0A2E-4B8E-961F-097BBF9E019A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {26BAF881-497A-4239-BF92-CA166EB2277B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
ask: {4F111BFA-A476-41C2-8A70-31B806F89441} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5707B345-1367-42F1-8CD4-6D8CF31743EB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5885F589-4F84-4371-9D2A-CDD7F75F1A80} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8752391E-0575-4E69-883F-D6876CB04274} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {98E02F38-685F-49EB-9B7F-D6DD1797DAEB} - System32\Tasks\{6D850D9F-34E4-4046-9204-7E11582C138C} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {A0E41695-4A49-44A3-A365-6A831AC7B30E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
ask: {A6FE1FAB-0CC0-46ED-B120-FB944AB8C97E} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {ABA2904B-4FD2-4111-8CE1-8BF1FD9678C1} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {B1374992-5CB9-4406-A011-58F3AC1E888B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {EDD2304E-7F03-4585-94DD-47EA8E2B7F8C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {EE49BAC7-696B-4930-98C0-600D308620AC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
U3 idsvc; no ImagePath
C:\Users\Brdíci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\Ament.ini

EmptyTemp:
ResetHosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
brdic
Návštěvník
Návštěvník
Příspěvky: 109
Registrován: 13 bře 2005 22:00

Re: Vyčištění notebooku od havěti

#7 Příspěvek od brdic »

Log mi bohužel nevyskočil, restaroval se PC a nic nevyskočilo. Udělal jsem tedy znovu nový log

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-06-2017 01
Ran by Brdíci (15-06-2017 22:32:28)
Running from C:\Users\Brdíci\Desktop
Microsoft Windows 10 Pro Version 1607 (X86) (2016-10-12 16:27:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-529510219-857933644-3456723339-500 - Administrator - Disabled)
Brdíci (S-1-5-21-529510219-857933644-3456723339-1000 - Administrator - Enabled) => C:\Users\Brdíci
DefaultAccount (S-1-5-21-529510219-857933644-3456723339-503 - Limited - Disabled)
Guest (S-1-5-21-529510219-857933644-3456723339-501 - Limited - Disabled)
zdenk (S-1-5-21-529510219-857933644-3456723339-1204 - Limited - Enabled) => C:\Users\zdenk

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Balíček ovladače systému Windows - AuthenTec Inc. (ATSwpWDF) Biometric (10/02/2008 8.1.2.37) (HKLM\...\A4680BD43717441189C52EBF2C4FD6B182EE1101) (Version: 10/02/2008 8.1.2.37 - AuthenTec Inc.)
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
CSGO WaRzOnE Launcher (HKLM\...\CSGO WaRzOnE Launcher 1.0) (Version: 1.0 - Warzone)
CSGO WaRzOnE Launcher (Version: 1.0 - Warzone) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.2.101.211 - Alps Electric)
DLL-Files.com Client (HKLM\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4462 - DLL-Files.com Client)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
iTunes (HKLM\...\{558C7B3E-84D0-4215-96EA-29282037F69D}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
KA15 (HKLM\...\{778BD16C-83B0-418C-8972-068A56E74C5C}) (Version: 4.5.1 - Allianz pojišťovna, a.s.)
Microsoft Office Small Business 2007 (HKLM\...\SMALLBUSINESS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 cs) (HKLM\...\Mozilla Firefox 53.0.3 (x86 cs)) (Version: 53.0.3 - Mozilla)
Podpora aplikací Apple (32bitová) (HKLM\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Poradce, verze 1.55/1 (HKLM\...\Hledik - Poradce) (Version: 1.55/1 - )
SafeZone Stable 3.55.2393.607 (Version: 3.55.2393.607 - Avast Software) Hidden
Seznam Software (HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\SeznamInstall) (Version: - Seznam.cz)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Brdíci\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-529510219-857933644-3456723339-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {086FDF3D-2035-481A-9A9D-EBB5B052547A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-10] (AVAST Software)
Task: {1AF04B77-F171-430D-9DD6-45FA57E863E2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B487F18-D971-4EF6-8C32-2100A7F393D1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {2438DECE-1A8E-4B60-8B0B-E34057E4977E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {24FDBB51-0A2E-4B8E-961F-097BBF9E019A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {356BABCF-CFF1-414E-82BD-EB555F70F408} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {421F7F45-DB6B-4C52-A1F8-ECDAF1B3F825} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4D79A09A-E903-4931-8980-F8A6CE77D2B8} - System32\Tasks\SafeZone scheduled Autoupdate 1463951370 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-05-17] (Avast Software)
Task: {4F111BFA-A476-41C2-8A70-31B806F89441} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4F72520E-814E-48E1-B2A3-0C9E19D3600A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {56B9261D-90F5-4E5B-ADCC-795CEEF634ED} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5D664E87-3E37-4DAF-A2CD-79C5207CD279} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {619D1F45-335F-492A-94A4-B5C30E62056D} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Brdíci\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {63BE0184-F699-421F-85A7-B1A3699C5FE7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {67603696-7AE7-405B-AC19-189E5A51BFA3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-10-20] (Google Inc.)
Task: {6F024134-D9C1-41F7-A532-E53F89B5FE9C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {778E1DC6-7265-4F89-AAA9-0BA0168F5663} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-10-20] (Google Inc.)
Task: {7D72C818-E49B-4C2A-91AF-05020DE734B7} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2012-12-23] ()
Task: {8AEB8D8B-A054-4431-8FD4-5626EB965C92} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {8DAD2D38-D9AF-407E-A6F9-CDCB8EA6C5EA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8E63FC62-B9DA-42CC-8F83-C29468F53FAD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {931F7CCB-BAAE-4185-BCA0-BD69548C454C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A18DDA29-3B39-434F-A513-60D604CA7A51} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6FE1FAB-0CC0-46ED-B120-FB944AB8C97E} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {B2B00700-9804-4151-8DE8-DE8E930F0817} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B5C990B1-0AD8-462F-83C8-B6C966599C40} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B69A5D65-A726-454C-85B8-8A280D9A03EF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B868DEAC-C12F-4160-8E6E-FA6844A58239} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-17] (AVAST Software)
Task: {C224BCED-C350-4C88-A8E8-B6A9C445595C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7C52BEA-FC0A-4F52-AEF1-15C3E550BE8D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-13] (Adobe Systems Incorporated)
Task: {D778BB83-C085-4EB2-82E3-5C082135E826} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D7F9B4E4-105E-4F29-B4D8-1243D9F1204A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB6BCA33-95D1-46AF-A593-5742B3611ECE} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB753457-8587-4390-997D-BD32AB07E365} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\zdenk\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {E0D9661C-874D-460C-BC51-01B98CC6787A} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {ED748C2F-1047-40E2-B70F-F44A54C507BA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {F952660F-1B0C-4C54-B019-6095FD97BD77} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {FAF5EB2B-B91B-40F3-9B19-4E83F6B911A6} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FF7BDD5A-8E07-48C2-B053-67AB7F7E0153} - System32\Tasks\AVAST Software\Avast upgrade utility => C:\Program Files\Common Files\AV\avast! Antivirus\upgrade.exe [2017-04-17] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 10:25 - 2016-07-16 10:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-12 11:41 - 2017-04-28 02:56 - 02048488 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-05 15:24 - 2016-07-05 15:24 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-18 22:12 - 2013-07-11 16:50 - 00116032 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
2016-10-12 18:33 - 2016-10-12 18:33 - 01383616 _____ () C:\Users\Brdíci\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-07-16 10:25 - 2016-07-16 10:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 10:15 - 2017-03-04 08:24 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 10:08 - 2017-03-04 08:04 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 10:08 - 2017-03-04 07:58 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-12 18:30 - 2016-10-12 18:30 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-12 11:40 - 2017-04-28 01:52 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-12 11:40 - 2017-04-28 01:55 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2017-01-18 19:07 - 00000144 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-529510219-857933644-3456723339-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 77.237.128.2 - 77.237.128.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{799A1B5B-C5BA-48A1-AAC8-4209F70A1BE0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{906F1BC2-0848-44C1-B676-F543F6EA28B5}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{7E02E881-5ED4-4E1D-8528-E1DB2FF03C3C}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{FBC1F048-E0A1-4F8E-80A2-8648B6DB587E}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{FC79D89D-2C4C-44E3-A051-5CE82E0626BA}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{71421373-41DA-4DB0-9109-76FB5B83E5B9}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{7D31EBC3-23EC-41AA-8E59-97C38DEAFD9E}] => (Allow) C:\Program Files\ICQ7M\ICQ.exe
FirewallRules: [{A373BE1E-5EF0-4C2D-A3B7-9E02497DD14E}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{44D81A39-87A9-4759-984C-198D7B9EB866}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{53883B0D-B5B1-42B8-BFAB-DCE13E60B272}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{E8612321-EE37-4A50-8C11-A3D82A625ECE}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{B3C2AA0D-67F7-4142-91FE-E553ADC2564A}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{506E4AB0-3D34-41B8-9A2A-3BE8B70DBA25}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{8C507C59-9891-4269-B9EA-3FC25D3F3F88}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{278150C5-9246-4C7D-970F-799D41FDC2A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4DB8A8EA-8E23-415B-9CED-96019D5DC8E5}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{118B5341-3C75-4293-83C0-E999EFCC7EF0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{2DE46224-B302-4CFB-B534-A3C9D701EB49}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{65E8BFF8-AA88-4F0D-A376-281A796E8BF6}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{432F9B75-B021-4D92-952D-CCCAC4935ECA}] => (Allow) C:\Program Files\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{710862C5-E85E-4B9E-A4B7-689C0349421B}] => (Allow) C:\Program Files\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{C8EB7BD3-0E8E-40AC-9498-00D0431911E7}] => (Allow) C:\Program Files\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{47899385-FF89-454C-AB11-876321ACE5A3}] => (Allow) C:\Program Files\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{D593A321-ED1C-4793-B06B-78A5BD52A2F9}] => (Allow) C:\Program Files\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{82E70941-89F8-43AA-92FA-8E476D80CDA8}] => (Allow) C:\Program Files\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{14D07646-774A-4D0D-81ED-7B5896589252}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{63B3ABD0-647C-4B1D-BDE5-D5CB7A048EBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B9CF2BF4-B8D1-4B02-A1BF-D5475992C6D2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E964E6B-5CF8-475F-AA6B-108D2FF84655}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C1B07F66-887E-45B9-8FFE-2F3A84102DF2}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A627FEA5-6C1A-42B1-9253-684356433B78}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{376AC19F-4217-4A79-8DE6-C7D03D3D5D55}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{522C2DB2-C5D1-4FBB-B379-267F9F2ED7AC}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{B9BACD1D-5D34-4B4E-8C32-04F9402D0470}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [UDP Query User{52790459-7071-4324-8602-9DFD0415BAEA}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [{AB569ADC-7845-4DE1-BC6F-E10316A1BDC8}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe
FirewallRules: [{714D5343-90E9-46A9-8CA3-FEF25A9B1B41}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{E1B06853-8A1F-4844-9415-D59DD0C1D037}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe

==================== Restore Points =========================

30-05-2017 08:45:49 Windows Update
02-06-2017 10:51:55 Windows Update
06-06-2017 10:06:05 Windows Update
12-06-2017 20:36:30 Windows Update
15-06-2017 22:16:07 Removed Corel Graphics - Windows Shell Extension.

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/15/2017 10:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.14393.1198, časové razítko: 0x5902853c
Název chybujícího modulu: windows.immersiveshell.serviceprovider.dll, verze: 10.0.14393.0, časové razítko: 0x57898fb4
Kód výjimky: 0x80270233
Posun chyby: 0x0003aead
ID chybujícího procesu: 0x10b4
Čas spuštění chybující aplikace: 0x01d2e615a41f9518
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
ID zprávy: b108c33e-af04-48e9-8919-8b76fa712e1c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/15/2017 10:16:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (06/15/2017 10:16:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-529510219-857933644-3456723339-1206.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {6bc5b9d7-0208-435b-ba3b-13f5e355f6a6}

Error: (06/15/2017 10:09:44 PM) (Source: MsiInstaller) (EventID: 11706) (User: Brdíci-PC)
Description: Product: CorelDRAW Graphics Suite X8 -- Error 1706.No valid source could be found for product CorelDRAW Graphics Suite X8. The Windows Installer cannot continue.

Error: (06/15/2017 10:09:44 PM) (Source: MsiInstaller) (EventID: 11706) (User: Brdíci-PC)
Description: Product: CorelDRAW Graphics Suite X8 -- Error 1706.No valid source could be found for product CorelDRAW Graphics Suite X8. The Windows Installer cannot continue.

Error: (06/15/2017 08:41:41 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:41 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:41 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:41 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)

Error: (06/15/2017 08:41:37 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Vytvoření výčtu relací uživatelů pro generování fondů filtrů se nezdařilo.

Podrobnosti:
(HRESULT : 0x80040210) (0x80040210)


System errors:
=============
Error: (06/15/2017 10:26:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba CDPUserSvc_422de byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (06/15/2017 10:26:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba FontCache3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
%%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (06/15/2017 10:26:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby FontCache3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (06/15/2017 10:25:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
%%1058 = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (06/15/2017 10:25:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HuaweiHiSuiteService.exe neuspěla při spuštění v důsledku následující chyby:
%%2 = Systém nemůže nalézt uvedený soubor.

Error: (06/15/2017 10:17:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/15/2017 10:08:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba CDPUserSvc_7b5316 byla ukončena s následující chybou:
%%2147500037 = Nespecifikovaná chyba

Error: (06/15/2017 09:44:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/15/2017 08:56:35 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače VLAĎUS,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{F047863A-1889-4446-81D2-BF07641E6F4.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (06/15/2017 08:15:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): Hewlett-Packard - Imaging - Null Print - HP Deskjet 3520 series.


CodeIntegrity:
===================================
Date: 2017-06-15 08:51:54.460
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.415
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.324
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.140
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.093
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:54.054
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:51.110
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2017-06-15 08:51:49.844
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-16 19:52:21.291
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-16 19:52:21.246
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
Percentage of memory in use: 46%
Total physical RAM: 3032.85 MB
Available physical RAM: 1624.24 MB
Total Virtual: 6104.85 MB
Available Virtual: 4701.94 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146.04 GB) (Free:76.49 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:151.6 GB) (Free:133.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 00000080)
Partition 1: (Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)
Partition 3: (Not Active) - (Size=151.6 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-06-2017 01
Ran by Brdíci (administrator) on BRDÍCI-PC (15-06-2017 22:30:14)
Running from C:\Users\Brdíci\Desktop
Loaded Profiles: Brdíci (Available Profiles: Brdíci & zdenk & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_4c73f4a9a59a84bb\stacsv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_4c73f4a9a59a84bb\AEstSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
Failed to access process -> explorer.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_22df65e269979a9a\TiWorker.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483428 2009-03-16] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [200704 2008-08-01] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-10] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-07-26] (Apple Inc.)
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1086376 2012-08-03] (Nokia)
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Brdíci\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-529510219-857933644-3456723339-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Brdíci\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-05-10] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 77.237.128.2 77.237.128.1
Tcpip\..\Interfaces\{2213107e-f9a7-4c52-bd47-1967af1ac80f}: [DhcpNameServer] 176.107.120.35 176.107.120.42
Tcpip\..\Interfaces\{f047863a-1889-4446-81d2-bf07641e6f4e}: [DhcpNameServer] 77.237.128.2 77.237.128.1

Internet Explorer:
==================
HKU\S-1-5-21-529510219-857933644-3456723339-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {068E70B5-42CB-421B-AEC1-774902ABFE57} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {1879FF1C-F09E-458F-AD59-EDE77CBB52F7} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {1A543F3B-2703-4229-9883-2530ECB5F8BA} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {30891B69-791C-48F3-A895-222E11D2B26D} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {40E1742A-2ECB-478A-9338-BE2BF0ABC09A} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {52607051-57A0-43D0-ABCD-EE06819BDFA0} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {A4A218D6-CE39-4339-B3F2-3CB4115783DD} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {A74A5B07-8082-44C2-8D34-FCDBA933623B} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-529510219-857933644-3456723339-1000 -> {E06A9E9C-BCBC-4CE8-9385-BF8A10596C06} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-17] (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default [2017-06-15]
FF user.js: detected! => C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default\user.js [2014-09-20]
FF Homepage: Mozilla\Firefox\Profiles\budn51vn.default -> hxxp://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\budn51vn.default -> type", 0
FF Extension: (Widevine Media Optimizer) - C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2016-01-13] [not signed]
FF Extension: (Seznam lištička) - C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-05-18]
FF SearchPlugin: C:\Users\Brdíci\AppData\Roaming\Mozilla\Firefox\Profiles\budn51vn.default\searchplugins\firmycz.xml [2015-10-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-13] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-08-03] ( )
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-12-04] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-529510219-857933644-3456723339-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Brdíci\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-05-07] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-11-16]

Chrome:
=======
CHR Profile: C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default [2017-06-15]
CHR Extension: (Prezentace Google) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-25]
CHR Extension: (Dokumenty Google) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-25]
CHR Extension: (Disk Google) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-25]
CHR Extension: (YouTube) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-25]
CHR Extension: (Avast SafePrice) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-10-25]
CHR Extension: (Tabulky Google) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-25]
CHR Extension: (Avast Online Security) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-25]
CHR Extension: (Gmail) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Brdíci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_4c73f4a9a59a84bb\aestsrv.exe [81920 2009-03-16] (Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5732136 2017-05-10] (AVAST Software s.r.o.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1668344 2008-10-16] (AuthenTec, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-10] (AVAST Software)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [116032 2013-07-11] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-10-12] (Microsoft Corporation)
R2 STacSV; C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_x86_4c73f4a9a59a84bb\STacSV.exe [254042 2009-03-16] (IDT, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271488 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84920 2017-04-28] (Microsoft Corporation)
S2 HuaweiHiSuiteService.exe; "C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe" -/service [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriverx.sys [258288 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidshx.sys [148696 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswblogx.sys [268016 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbunivx.sys [41664 2017-05-10] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [65344 2016-12-20] (AVAST Software)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34136 2017-05-10] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [31064 2017-05-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [107928 2017-05-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [90336 2017-05-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [62152 2017-05-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [764576 2017-05-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [482608 2017-05-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [115152 2017-05-16] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [279800 2017-05-10] (AVAST Software)
R3 BTDriver; C:\WINDOWS\system32\DRIVERS\btport.sys [37160 2008-02-05] (Broadcom Corporation.)
R3 btkrnl; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [990632 2008-04-15] (Broadcom Corporation.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2013-11-23] (Disc Soft Ltd)
R3 itecir; C:\WINDOWS\system32\DRIVERS\itecir.sys [84600 2015-11-24] (ITE Tech. Inc. )
R3 ITECIRfilter; C:\WINDOWS\system32\DRIVERS\ITECIRfilter.sys [34000 2015-11-24] (ITE Tech. Inc. )
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7518208 2016-07-16] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-15 22:30 - 2017-06-15 22:31 - 00015435 _____ C:\Users\Brdíci\Desktop\FRST.txt
2017-06-15 22:21 - 2017-06-15 22:23 - 00010621 _____ C:\Users\Brdíci\Desktop\Fixlog.txt
2017-06-15 20:05 - 2017-06-15 20:05 - 38624400 _____ (Adobe Systems Incorporated) C:\Users\Brdíci\Desktop\AdbeRdr11000_cs_CZ.exe
2017-06-15 19:48 - 2017-06-15 19:48 - 00002094 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-06-15 19:35 - 2017-06-15 19:35 - 04110280 _____ C:\Users\Brdíci\Desktop\adwcleaner_6.047.exe
2017-06-15 17:24 - 2017-06-15 21:35 - 00000000 ____D C:\Users\Brdíci\Desktop\FRST-OlderVersion
2017-06-15 11:24 - 2017-06-15 11:23 - 00043011 _____ C:\Users\zdenk\Desktop\předpis - kopie.pdf
2017-06-15 11:23 - 2017-06-15 11:23 - 00043011 _____ C:\Users\zdenk\Desktop\předpis.pdf
2017-06-15 11:18 - 2017-06-15 11:18 - 00036712 _____ C:\Users\zdenk\Desktop\575242495.pdf
2017-06-15 11:18 - 2017-06-15 11:18 - 00036712 _____ C:\Users\zdenk\Desktop\575242495 - kopie.pdf
2017-06-15 10:58 - 2017-06-15 10:57 - 00246608 _____ C:\Users\zdenk\Desktop\DAGetDocument - kopie.pdf
2017-06-15 10:57 - 2017-06-15 10:57 - 00246608 _____ C:\Users\zdenk\Desktop\DAGetDocument.pdf
2017-06-15 10:34 - 2017-06-15 10:34 - 00246608 _____ C:\Users\zdenk\Desktop\pan Horáček.pdf
2017-06-15 10:29 - 2017-06-15 10:30 - 03396071 _____ C:\Users\zdenk\Desktop\kmen 2017 terka.xlsx
2017-06-14 22:16 - 2017-06-14 22:16 - 00001450 _____ C:\AdwCleaner[R3].txt
2017-06-14 22:14 - 2017-06-14 22:15 - 00001390 _____ C:\AdwCleaner[R2].txt
2017-06-14 22:00 - 2017-06-14 22:01 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-14 21:29 - 2017-06-03 12:22 - 00231776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 21:29 - 2017-06-03 12:03 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 21:29 - 2017-06-03 11:58 - 00154976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 21:29 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-14 21:29 - 2017-06-03 11:54 - 00290656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-14 21:29 - 2017-06-03 11:43 - 01964384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 21:29 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 21:29 - 2017-06-03 11:32 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 21:29 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-06-14 21:29 - 2017-06-03 11:30 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 21:29 - 2017-06-03 11:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 21:29 - 2017-06-03 11:25 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 21:29 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 21:29 - 2017-06-03 11:06 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-14 21:29 - 2017-06-03 11:04 - 01889792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-14 21:29 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 21:29 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 21:29 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 01336160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00514400 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00455000 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00284000 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00254816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-14 21:28 - 2017-06-03 12:50 - 00083296 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-14 21:28 - 2017-06-03 12:50 - 00030560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-14 21:28 - 2017-06-03 12:15 - 00099672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 21:28 - 2017-06-03 12:13 - 05996384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 21:28 - 2017-06-03 12:13 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-14 21:28 - 2017-06-03 12:03 - 00950112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-14 21:28 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 21:28 - 2017-06-03 11:55 - 01896288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 21:28 - 2017-06-03 11:55 - 00342368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-14 21:28 - 2017-06-03 11:53 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 21:28 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-14 21:28 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-14 21:28 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-14 21:28 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 21:28 - 2017-06-03 11:48 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-14 21:28 - 2017-06-03 11:44 - 01409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 21:28 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 21:28 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 21:28 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 21:28 - 2017-06-03 11:31 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 21:28 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 21:28 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-14 21:28 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-14 21:28 - 2017-06-03 11:25 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-14 21:28 - 2017-06-03 11:25 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 21:28 - 2017-06-03 11:25 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-14 21:28 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 21:28 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-14 21:28 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-14 21:28 - 2017-06-03 11:22 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-14 21:28 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2017-06-14 21:28 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-14 21:28 - 2017-06-03 11:20 - 00668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 21:28 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-14 21:28 - 2017-06-03 11:16 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 21:28 - 2017-06-03 11:16 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 21:28 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 21:28 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 21:28 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-14 21:28 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 21:28 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 21:28 - 2017-06-03 11:05 - 01236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 21:28 - 2017-06-03 11:05 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-14 21:28 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-14 21:28 - 2017-06-03 11:05 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-14 21:28 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 21:28 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 21:28 - 2017-06-03 11:04 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 21:28 - 2017-06-03 11:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 21:28 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 21:28 - 2017-06-02 09:35 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-06-14 21:28 - 2017-05-25 08:56 - 00034144 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-14 21:28 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-06-14 21:28 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-06-14 11:50 - 2017-06-15 22:15 - 00000000 ____D C:\Users\zdenk\AppData\Roaming\Corel
2017-06-14 11:30 - 2017-06-14 11:30 - 00067825 _____ C:\Users\zdenk\Desktop\20170614112316730.pdf
2017-06-13 10:37 - 2017-06-13 11:34 - 00027841 _____ C:\Users\zdenk\Desktop\MA 08.xlsx
2017-06-07 11:47 - 2017-06-07 11:19 - 00012384 _____ C:\Users\zdenk\Desktop\POV přepočty 7-14 do 9-14 - kopie.xlsx
2017-06-07 11:19 - 2017-06-07 12:11 - 00012444 _____ C:\Users\zdenk\Desktop\POV přepočty 7-14 do 9-14.xlsx
2017-06-07 11:14 - 2017-06-07 11:14 - 00000000 ____D C:\Users\zdenk\Desktop\přepočty
2017-06-07 09:23 - 2017-06-07 09:23 - 00055160 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-06-06 10:39 - 2017-06-06 10:40 - 00000000 ____D C:\Users\zdenk\Desktop\FOTKY
2017-05-31 10:01 - 2017-05-31 10:01 - 00280070 _____ C:\Users\zdenk\Documents\Scan0003.pdf
2017-05-16 17:45 - 2017-06-03 08:36 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-05-16 17:45 - 2017-06-03 08:36 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-15 22:30 - 2016-10-26 18:51 - 00000000 ____D C:\FRST
2017-06-15 22:29 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-15 22:28 - 2016-11-22 18:45 - 00000000 ____D C:\Users\Brdíci\AppData\LocalLow\Mozilla
2017-06-15 22:25 - 2016-10-12 18:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-15 22:24 - 2016-07-16 04:22 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-06-15 22:24 - 2016-06-22 21:12 - 00000000 ___RD C:\Users\zdenk\Desktop\OneDrive
2017-06-15 22:23 - 2016-08-09 13:51 - 00000000 ____D C:\Users\zdenk\AppData\LocalLow\Temp
2017-06-15 22:22 - 2012-07-23 21:36 - 00000000 ____D C:\Users\Brdíci\AppData\LocalLow\Temp
2017-06-15 22:17 - 2013-07-18 21:38 - 00000000 ____D C:\Users\Brdíci\AppData\Local\HiSuite
2017-06-15 22:15 - 2016-12-25 13:28 - 00000000 ____D C:\Users\Brdíci\AppData\Roaming\Corel
2017-06-15 21:35 - 2016-10-26 18:49 - 01777152 _____ (Farbar) C:\Users\Brdíci\Desktop\FRST.exe
2017-06-15 19:54 - 2016-10-26 20:17 - 00000000 ____D C:\AdwCleaner
2017-06-15 19:48 - 2016-03-18 23:24 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-06-15 19:45 - 2016-10-12 17:47 - 02752526 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-15 19:45 - 2016-07-16 19:01 - 01084000 _____ C:\WINDOWS\system32\perfh005.dat
2017-06-15 19:45 - 2016-07-16 19:01 - 00282812 _____ C:\WINDOWS\system32\perfc005.dat
2017-06-15 19:40 - 2016-11-20 14:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-06-15 19:40 - 2012-07-08 10:29 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-06-15 19:38 - 2012-07-07 23:37 - 00000000 ____D C:\ProgramData\ICQ
2017-06-15 17:01 - 2016-07-16 10:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-15 10:24 - 2016-02-13 14:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-15 00:40 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\rescache
2017-06-14 22:39 - 2016-07-16 10:28 - 00000000 ____D C:\WINDOWS\INF
2017-06-14 22:03 - 2016-10-12 17:39 - 00422176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 22:01 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 22:00 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-14 21:53 - 2016-10-12 17:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-14 21:47 - 2013-08-14 23:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 21:36 - 2016-07-16 10:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-14 21:36 - 2012-07-08 01:53 - 130903960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 11:49 - 2016-10-20 09:36 - 00000000 ____D C:\Users\zdenk\AppData\Local\Google
2017-06-14 08:01 - 2016-06-22 20:56 - 00002387 _____ C:\Users\zdenk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-13 20:32 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-07 11:15 - 2016-06-27 10:28 - 00000000 ____D C:\Users\zdenk\Desktop\Generali
2017-06-06 10:40 - 2016-10-04 08:58 - 00000000 ____D C:\Users\zdenk\Desktop\mamka
2017-06-02 07:34 - 2016-05-22 23:09 - 00001197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-18 23:06 - 2016-10-12 17:48 - 00000000 ____D C:\Users\Brdíci
2017-05-18 14:26 - 2016-05-17 23:39 - 00000000 ____D C:\Users\Brdíci\AppData\Local\Packages
2017-05-16 17:46 - 2012-07-07 20:52 - 00430248 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-16 17:44 - 2016-07-16 04:22 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-16 17:39 - 2016-07-16 10:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-16 17:39 - 2016-07-16 04:22 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-16 14:25 - 2016-10-20 09:40 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-16 09:20 - 2014-08-01 16:01 - 00115152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-07 09:48

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Vyčištění notebooku od havěti

#8 Příspěvek od Rudy »

OK. Změnilo se něco k lepšímu?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
brdic
Návštěvník
Návštěvník
Příspěvky: 109
Registrován: 13 bře 2005 22:00

Re: Vyčištění notebooku od havěti

#9 Příspěvek od brdic »

Ano, je to vše mnohem lepší. Moc děkuji. Můžete mi ještě prosím notebook proklepnout co tam tak smazat atd.
Pokud už máte pocit, že je to takto v pořádku, ještě jednou moc děkuji !!!
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Vyčištění notebooku od havěti

#10 Příspěvek od Rudy »

Mělo by být. Pokud chcete hloubkový sken, spusťte MBAM: http://www.malwarebytes.org/mbam.php . Dejte log, předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
brdic
Návštěvník
Návštěvník
Příspěvky: 109
Registrován: 13 bře 2005 22:00

Re: Vyčištění notebooku od havěti

#11 Příspěvek od brdic »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 24.06.17
Čas skenování: 18:56
Logovací soubor:
Správce: Ano

-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.141
Aktualizovat verzi balíku komponent: 1.0.2224
Licence: Zkušební

-Systémová informace-
OS: Windows 10
CPU: x86
Systém souborů: NTFS
Uživatel: Brd\u00c3\u00adci-PC\Brd\u00c3\u00adci

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 607824
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 4 min, 54 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 1
PUP.Optional.Somoto, C:\USERS\BRDíCI\APPDATA\LOCAL\APPLICATION DATA\BUNDLED SOFTWARE UNINSTALLER\BI_CLIENT.EXE, Žádná uživatelská akce, [370], [301181],1.0.2224

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Vyčištění notebooku od havěti

#12 Příspěvek od Rudy »

Nelezenou položku smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“