
Please check my log

Roman78
Visitor
Posts: 7
Registered: 17 Mar 2018 11:33

#1 Post by Roman78

Hello, I would like to ask for a check of my log. It seems to me that even with only a single web page open, memory usage runs above 80 percent. Or, for example, when I am typing text I always have to stop for a moment until the text finishes appearing. Overall, my notebook behaves as if it were frozen. Thank you very much for your help.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Roman Janas (17-03-2018 11:27:04)
Running from C:\Users\ROMAN JANAS\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-11-13 22:43:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3828099873-3605611314-608352903-500 - Administrator - Disabled)
Guest (S-1-5-21-3828099873-3605611314-608352903-501 - Limited - Disabled)
Roman Janas (S-1-5-21-3828099873-3605611314-608352903-1000 - Administrator - Enabled) => C:\Users\Roman Janas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 10.0.390.0 (Enabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus 10.0.390.0 (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark03 (HKLM-x32\...\{FF35F637-72B9-43BE-A281-06EB2854393A}) (Version: 3.6.2 - Futuremark Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
American Conquest (HKLM-x32\...\American Conquest) (Version: - )
Apowersoft Online Launcher verze 1.6.1 (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.6.1 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.149 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.149 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CoD 2 čeština (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S]al!er!)
Counter-Strike 1.6 (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\Counter-Strike 1.6) (Version: - )
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DjVu Viewer (HKLM-x32\...\{3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1) (Version: - djvuviewer.com)
Document Express DjVu Plug-in (HKLM\...\{63D38589-F9D9-4851-A37F-E142A8D14A32}) (Version: 6.1.35472 - Cuminas Corporation)
Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - )
ESET NOD32 Antivirus (HKLM\...\{D44F6B96-987A-47FF-AC37-4C82CD9DAE15}) (Version: 10.0.386.1 - ESET, spol. s r.o.)
Facebook Gameroom 1.8.6429.23271 (HKLM-x32\...\{D71E0CAE-F4B3-499E-B515-396B02139A39}) (Version: 1.8.6429.23271 - Facebook)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.1.1115 - Foxit Software Inc.)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.162 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HL-2130 (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
HP Battery Check (HKLM-x32\...\HP Battery Check) (Version: 4.3.2.2 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{7C3170E8-E61A-41D9-8547-8E96445EA510}) (Version: 12.8.47.1 - HP Inc.)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.3268 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0 (x64 en-US)) (Version: 60.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.0.6648 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{6D45EF03-E8EE-4355-81C3-F918CBCF1029}) (Version: 8.3.309 - Nero AG)
Nero 9 Essentials (HKLM-x32\...\{6c2cf816-e4bb-4610-87b9-856901d3e81b}) (Version: - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{59C6E86A-14A9-47FD-9EE8-8D9DA864E0AF}) (Version: 12.5.01300 - Nero AG)
NeroVision Express 3 (HKLM-x32\...\NeroVision!UninstallKey) (Version: - )
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Roblox Player for Roman Janas (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
ROBLOX Studio for Roman Janas (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Ruská - rozložení jako latinka (1.1.1) (HKLM\...\{99CD43A2-7D5D-48C9-AF37-D42202648235}) (Version: 1.0.3.40 - Đonny)
SCR3xxx Smart Card Reader (HKLM-x32\...\{6DA99C69-0799-467E-9496-F37E1E452A4A}) (Version: 8.40 - SCM Microsystems)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\SeznamInstall) (Version: 2.1.30 - Seznam.cz)
Služba Xperia Companion (HKLM\...\{86C9336F-6376-4E86-A09A-EA7177DEC3D5}) (Version: 1.7.2.0 - Sony) Hidden
Sothink FLV Player (HKLM-x32\...\{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1) (Version: 2.3 - SourceTec Software Co., LTD)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.112 - Crawler Group)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streaming Audio Recorder V4.1.8 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.1.8 - APOWERSOFT LIMITED)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
Unity Web Player (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{058506CE-4E1C-4087-878E-61D8B5F8F47A}) (Version: 1.7.2.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{65415473-2761-4ee3-85c1-5fdf086444c6}) (Version: 1.7.2.0 - Sony)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1704.2.22 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG)
ContextMenuHandlers1-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers1-x32: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers1-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-06] (Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02C34753-094D-45C5-B82A-1231BD30BE2A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {0EC8968F-2476-4D90-82C5-565B8E0E7EC9} - System32\Tasks\{7EA5EC10-EEFB-4000-87DD-9778FBCEF30C} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\Call of Duty 2 CZ\Call of Duty 2 CZ\DirectX\dxsetup.exe" -d "C:\Users\Roman Janas\Downloads\Call of Duty 2 CZ\Call of Duty 2 CZ\DirectX"
Task: {2A58DC17-19EC-4FB3-A407-00BAB1B84702} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {45E133AD-F3D6-4724-9B2A-E0FB074C5B22} - System32\Tasks\{3F6A2BFC-3047-4CF3-89BC-A29E1652FB8B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\sp62061.exe" -d "C:\Users\Roman Janas\Downloads"
Task: {4C7501B3-EDB2-4AC2-A669-FFAB5E70930D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5098A890-9F05-4F8F-B3FC-7AAB3654857C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {529AC17D-2297-40E3-91DC-8596953083FA} - System32\Tasks\{FC01EA8F-F8E7-4543-B09F-1144EF6FE8A2} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1\American Conquest CZ 1.1.exe" -d "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1"
Task: {591977A4-F903-4B01-99CD-AE20DD52943C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2018-02-10] (AVAST Software)
Task: {5BFA3B3F-EFFC-4245-B006-FF3B2194F62F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {7E0EDAC2-BCE8-4D84-A6AE-EFC3B937B228} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {8B026742-D86A-4B93-B241-D6E11AEACF08} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {912B34B5-D34C-439C-9972-B69CFA2FD199} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {9B2246EA-2BFE-4414-819D-64C57E6855BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {B8282474-E1BA-46B8-B6BF-35E58F8B83E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {BDAAB309-8685-4637-8740-F3DCBCD762D6} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3828099873-3605611314-608352903-1000 => C:\Users\Roman Janas\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {C1E4FA27-9505-441F-90DB-4CA61A97D864} - System32\Tasks\{0F98F8EB-2B09-460D-938F-56E7ADA6B423} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1\Extractor.exe" -d "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1"
Task: {D13FCAB9-68CF-4458-BE58-118F8FD04C73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: {F63DA266-AD03-446F-8650-BB47EE2AB5D4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {F97C00F0-D83F-4ACC-8744-F0FB4A745340} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {FF4E2E25-9E9B-4B70-BADE-6E44DADEF849} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-03-16 15:08 - 2017-03-16 15:08 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-16 15:08 - 2017-03-16 15:08 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-03-17 10:43 - 2017-11-13 15:46 - 000092368 _____ () C:\Users\Roman Janas\AppData\Roaming\Seznam.cz\bin\1515libfoxloader-x64.dll
2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-15 04:42 - 2014-01-15 04:42 - 000351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-11-14 14:38 - 2013-10-26 10:45 - 000651856 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
2013-10-17 22:28 - 2013-10-17 22:28 - 000028672 _____ () C:\WINDOWS\SYSTEM32\VALWBFPOLICYSERVICE.EXE
2018-03-02 22:32 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 000094208 _____ () C:\WINDOWS\SYSTEM32\IccLibDll_x64.dll
2017-03-27 11:20 - 2017-03-27 11:20 - 001354040 _____ () C:\PROGRAM FILES\ITUNES\libxml2.dll
2017-03-27 11:20 - 2017-03-27 11:20 - 000092472 _____ () C:\PROGRAM FILES\ITUNES\zlib1.dll
2016-11-23 18:17 - 2017-11-13 15:38 - 000506064 _____ () C:\USERS\ROMAN JANAS\APPDATA\ROAMING\SEZNAM.CZ\BIN\SZNDESKTOP.EXE
2016-11-23 18:17 - 2017-02-08 12:39 - 000080576 _____ () C:\USERS\ROMAN JANAS\APPDATA\ROAMING\SEZNAM.CZ\BIN\LISTICKA-X64.EXE
2016-11-14 14:38 - 2013-08-31 06:44 - 002417152 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2016-11-14 14:38 - 2009-01-10 19:32 - 000011362 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2016-11-14 14:38 - 2009-06-23 03:42 - 000043008 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2016-11-14 14:38 - 2013-08-31 06:46 - 001148416 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2017-08-06 07:56 - 2014-05-13 11:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-08-06 07:56 - 2014-05-13 11:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-08-06 07:56 - 2014-05-13 11:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-08-06 07:56 - 2012-08-23 09:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-08-06 07:56 - 2012-04-03 16:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2017-08-08 12:02 - 2017-08-08 12:02 - 001157632 _____ () C:\Users\Roman Janas\AppData\Local\Facebook\Games\CefSharp.Core.dll
2017-08-08 12:02 - 2017-08-08 12:02 - 068178432 _____ () C:\Users\Roman Janas\AppData\Local\Facebook\Games\libcef.dll
2018-03-17 10:43 - 2017-11-13 15:49 - 000085200 _____ () C:\Users\Roman Janas\AppData\Roaming\Seznam.cz\bin\1515libfoxloader.dll
2017-09-10 21:51 - 2017-09-10 21:51 - 000798208 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\libsodium.dll
2016-11-14 18:30 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-08-08 12:02 - 2017-08-08 12:02 - 000748032 _____ () C:\Users\Roman Janas\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2017-08-08 12:02 - 2017-08-08 12:02 - 002246144 _____ () C:\Users\Roman Janas\AppData\Local\Facebook\Games\libglesv2.dll
2017-08-08 12:02 - 2017-08-08 12:02 - 000079360 _____ () C:\Users\Roman Janas\AppData\Local\Facebook\Games\libegl.dll
2016-11-23 18:17 - 2015-05-26 12:38 - 000862888 _____ () C:\Users\Roman Janas\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2016-11-23 18:17 - 2016-11-01 09:53 - 000995840 _____ () C:\Users\Roman Janas\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2017-10-18 22:58 - 2017-10-18 22:58 - 000570368 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3828099873-3605611314-608352903-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman Janas\Pictures\Picasa\Pozadí\picasabackground-003.bmp
DNS Servers: 185.67.189.2 - 185.67.189.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7DBA6CB1-0A17-409E-9034-8902FDB42699}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{46489C85-7D26-4805-B582-4E753CB23196}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{045568EF-4348-46CC-98BB-6CB9C82D28CB}C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe] => (Block) C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe
FirewallRules: [UDP Query User{7ECF431F-DD36-4892-AE2A-7B2852C2F5ED}C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe] => (Block) C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe
FirewallRules: [TCP Query User{7823293F-855B-4782-BBED-33EFFDAE2C83}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{6483C747-616A-4E21-AD8D-F5E5FC1EB477}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{106AF63B-B002-4696-BC11-F9AE5A65AB78}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{64B321F8-DE8C-4A4C-867A-7F94C270ED25}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{5AB69803-682A-4966-8D85-F94EA5D2F3C4}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{4F083AD1-652A-4F2B-A3C1-5A4FEC36D9AA}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{7F6DF90E-EFA2-4E35-928D-7C6D0751711A}] => (Allow) LPort=80
FirewallRules: [{EFD269CF-104E-4C4D-8C54-7DA0646EBFE6}] => (Allow) LPort=443
FirewallRules: [{460D3937-BFD5-47B4-91A2-1AA48B5F2CB1}] => (Allow) LPort=20010
FirewallRules: [{1297A868-1975-490B-A628-015249D0CF56}] => (Allow) LPort=3478
FirewallRules: [{285005C4-B9CF-4621-A23E-D586F934058E}] => (Allow) LPort=7850
FirewallRules: [{5287D3D8-603F-4571-8442-2FC5FC236B21}] => (Allow) LPort=7852
FirewallRules: [{8467964D-96AD-4649-8CBD-7B3FE5AA54AE}] => (Allow) LPort=7853
FirewallRules: [{DA498C50-8BB5-4B9C-B184-45034BE50922}] => (Allow) LPort=27022
FirewallRules: [{F01CFDB2-44D3-478E-A95B-08873F89AF83}] => (Allow) LPort=6881
FirewallRules: [{6E9C0245-6DC0-4566-A1FE-7A5894A4AB23}] => (Allow) LPort=33333
FirewallRules: [{0E48C419-9AAF-4274-BAAD-4BF0C632EE36}] => (Allow) LPort=20443
FirewallRules: [{B319979B-47A8-44D3-9ACA-FE28F6D49250}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{D4B3546E-4393-4D0D-9C2F-5912F66EB92B}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{B3F8893B-4D34-4F48-82D9-35EDA24379F2}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{E5441FAF-F14F-4605-84DE-54F27D3FA171}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [UDP Query User{8CDA41D3-A187-47FD-91A9-680FF8D291A2}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [TCP Query User{F8D6ECF2-2158-42B4-8C5C-F05812B77640}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Allow) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{199ECE93-372D-4BCF-9B7D-723AC005F861}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Allow) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [{4B95ECF2-3D34-4174-AA66-A999524AC735}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{2E55B530-C375-45BB-9D9B-5655774F0875}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{95489A16-8394-4B80-9E65-7D9AB5A99C30}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{446ED07F-2C24-43AC-A17A-2E97127B6558}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{9300D633-0B77-4383-A4CF-BA6EEBD99826}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A27FEED3-A574-4092-AB57-B384FE191354}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0CD1EC2B-1285-4CD6-8183-FB2F7ECF6905}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C0BAEAEA-58D9-44A7-925A-2DAB4F14EB3C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{094C1709-C1BE-4EF9-9233-62AF1954F60B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{E9EDB444-882C-4072-A1D5-FDFB9B50CF2B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{CF0C9139-0066-4D91-809B-3DF2D918E65B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{4638E5C9-C851-4B88-B08E-E0A01809CB30}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Block) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{9BC50027-5531-498E-8ABF-175F346F87CA}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Block) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [{4848FDCA-B426-4E6C-AADF-3D2560BA2839}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{8C9EB861-1322-4026-BBBF-CAA6C828F4EC}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{ABE6EC94-2FE3-46F4-8177-FB01E2F2C7B6}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{6B329426-C7AC-4353-9352-875310338CB5}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{3086C94F-A6A2-4F35-9241-DF4D2566429B}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [TCP Query User{ED87B26F-CE04-4465-A068-0696134F375A}C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [UDP Query User{D015BF35-04DB-4C7E-BB44-868FA83F70B3}C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [{CE5F6A2C-23D6-4E33-BF18-FADDD756F855}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C5CEB7B-9349-4B11-BC98-03C0E1933888}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{39C5558F-DA7E-43A7-8F9E-78D88FA53C3E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{732518DB-11B1-4AFE-B990-5FDF49F51E6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E0674AC1-ADE5-475C-BCB7-83192B7351E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Larva Mortus\larvamortus.exe
FirewallRules: [{E2343E49-7969-4D4A-AE2F-45700CEB28E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Larva Mortus\larvamortus.exe
FirewallRules: [{24FD85B3-567A-45DB-831F-685ABDAFB4E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7E81CBA5-B0A3-43EC-9BA5-AC539E0B4D17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CDE7D0BF-D022-43C8-9ACF-E2451F076ECF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

23-01-2018 17:19:26 Naplánovaný kontrolní bod
24-02-2018 13:14:56 Naplánovaný kontrolní bod
17-03-2018 09:24:17 Removed Call of Duty(R) 2
17-03-2018 09:50:59 Removed Medal of Honor Airborne Demo

==================== Faulty Device Manager Devices =============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2018 11:30:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SpywareTerminatorUpdate.exe, verze: 3.0.1.111, časové razítko: 0x58a4530a
Název chybujícího modulu: TorrentDll.dll, verze: 3.0.0.1, časové razítko: 0x4dbe5f67
Kód výjimky: 0xc0000417
Posun chyby: 0x00132780
ID chybujícího procesu: 0x1274
Čas spuštění chybující aplikace: 0x01d3bd5471ab8027
Cesta k chybující aplikaci: C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Spyware Terminator\TorrentDll.dll
ID zprávy: aa2060b6-2969-11e8-9646-70f395cc9f9f

Error: (02/24/2018 07:58:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EXPLORER.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdf25
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000003c967
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d3ada04ba9ff1b
Cesta k chybující aplikaci: C:\WINDOWS\EXPLORER.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\DUI70.dll
ID zprávy: c1de7427-1994-11e8-803e-70f395cc9f9f

Error: (02/24/2018 07:58:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EXPLORER.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdf25
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003c967
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d3ada04ba9ff1b
Cesta k chybující aplikaci: C:\WINDOWS\EXPLORER.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\DUI70.dll
ID zprávy: a2d3adfb-1994-11e8-803e-70f395cc9f9f

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8144

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8144

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2018 08:26:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7114

Error: (01/23/2018 08:26:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7114


System errors:
=============
Error: (03/17/2018 10:48:38 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 09:48:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/17/2018 09:48:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (03/17/2018 09:48:38 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 09:23:55 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: Nelze spustit DCOM Server: {B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE} jako /. Došlo k chybě:
%%740 = Požadovaná operace vyžaduje zvýšená oprávnění.
při provádění příkazu:
C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding

Error: (03/17/2018 09:04:44 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 08:05:34 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 08:05:28 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.


CodeIntegrity:
===================================

Date: 2017-09-11 14:28:26.393
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-11 14:28:25.982
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-11 14:28:25.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:24.025
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:23.689
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:23.290
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-05 16:01:51.847
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-05 16:01:51.455
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz
Percentage of memory in use: 79%
Total physical RAM: 3887.43 MB
Available physical RAM: 785.86 MB
Total Virtual: 7773.04 MB
Available Virtual: 3591.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.47 GB) (Free:32.83 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:15 GB) (Free:14.93 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32

\\?\Volume{4f9b778f-a9f1-11e6-ada3-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AEDA26BE)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Roman78
Visitor
Posts: 7
Registered: 17 Mar 2018 11:33

Re: Please check my log

#3 Post by Roman78 »

New log
# AdwCleaner 7.0.8.0 - Logfile created on Sat Mar 17 11:53:14 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-3828099873-3605611314-608352903-1000\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-3828099873-3605611314-608352903-1000\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Plugin deleted: Hover Zoom -
Plugin deleted: Google Input Tools -
SearchProvider deleted: delta-homes - delta-homes
SearchProvider deleted: delta-homes - delta-homes
SearchProvider deleted: Slunečnice - slunecnice.cz
SearchProvider deleted: omiga-plus - omiga-plus


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1801 B] - [2018/3/17 11:49:23]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

Post a new FRST+Additional log.

Roman78
Visitor
Posts: 7
Registered: 17 Mar 2018 11:33

Re: Please check my log

#5 Post by Roman78 »

New log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Roman Janas (17-03-2018 17:21:52)
Running from C:\Users\ROMAN JANAS\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-11-13 22:43:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3828099873-3605611314-608352903-500 - Administrator - Disabled)
Guest (S-1-5-21-3828099873-3605611314-608352903-501 - Limited - Disabled)
Roman Janas (S-1-5-21-3828099873-3605611314-608352903-1000 - Administrator - Enabled) => C:\Users\Roman Janas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 10.0.390.0 (Enabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus 10.0.390.0 (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark03 (HKLM-x32\...\{FF35F637-72B9-43BE-A281-06EB2854393A}) (Version: 3.6.2 - Futuremark Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
American Conquest (HKLM-x32\...\American Conquest) (Version: - )
Apowersoft Online Launcher verze 1.6.1 (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.6.1 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.149 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.149 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CoD 2 čeština (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S]al!er!)
Counter-Strike 1.6 (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\Counter-Strike 1.6) (Version: - )
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DjVu Viewer (HKLM-x32\...\{3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1) (Version: - djvuviewer.com)
Document Express DjVu Plug-in (HKLM\...\{63D38589-F9D9-4851-A37F-E142A8D14A32}) (Version: 6.1.35472 - Cuminas Corporation)
Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - )
ESET NOD32 Antivirus (HKLM\...\{D44F6B96-987A-47FF-AC37-4C82CD9DAE15}) (Version: 10.0.386.1 - ESET, spol. s r.o.)
Facebook Gameroom 1.8.6429.23271 (HKLM-x32\...\{D71E0CAE-F4B3-499E-B515-396B02139A39}) (Version: 1.8.6429.23271 - Facebook)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.1.1115 - Foxit Software Inc.)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.162 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HL-2130 (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
HP Battery Check (HKLM-x32\...\HP Battery Check) (Version: 4.3.2.2 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{7C3170E8-E61A-41D9-8547-8E96445EA510}) (Version: 12.8.47.1 - HP Inc.)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.3268 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0 (x64 en-US)) (Version: 60.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.0.6648 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{6D45EF03-E8EE-4355-81C3-F918CBCF1029}) (Version: 8.3.309 - Nero AG)
Nero 9 Essentials (HKLM-x32\...\{6c2cf816-e4bb-4610-87b9-856901d3e81b}) (Version: - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{59C6E86A-14A9-47FD-9EE8-8D9DA864E0AF}) (Version: 12.5.01300 - Nero AG)
NeroVision Express 3 (HKLM-x32\...\NeroVision!UninstallKey) (Version: - )
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Roblox Player for Roman Janas (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
ROBLOX Studio for Roman Janas (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Ruská - rozložení jako latinka (1.1.1) (HKLM\...\{99CD43A2-7D5D-48C9-AF37-D42202648235}) (Version: 1.0.3.40 - Đonny)
SCR3xxx Smart Card Reader (HKLM-x32\...\{6DA99C69-0799-467E-9496-F37E1E452A4A}) (Version: 8.40 - SCM Microsystems)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\SeznamInstall) (Version: 2.1.30 - Seznam.cz)
Služba Xperia Companion (HKLM\...\{86C9336F-6376-4E86-A09A-EA7177DEC3D5}) (Version: 1.7.2.0 - Sony) Hidden
Sothink FLV Player (HKLM-x32\...\{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1) (Version: 2.3 - SourceTec Software Co., LTD)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.112 - Crawler Group)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streaming Audio Recorder V4.1.8 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.1.8 - APOWERSOFT LIMITED)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
Unity Web Player (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{058506CE-4E1C-4087-878E-61D8B5F8F47A}) (Version: 1.7.2.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{65415473-2761-4ee3-85c1-5fdf086444c6}) (Version: 1.7.2.0 - Sony)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1704.2.22 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG)
ContextMenuHandlers1-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers1-x32: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers1-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-06] (Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02C34753-094D-45C5-B82A-1231BD30BE2A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {0EC8968F-2476-4D90-82C5-565B8E0E7EC9} - System32\Tasks\{7EA5EC10-EEFB-4000-87DD-9778FBCEF30C} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\Call of Duty 2 CZ\Call of Duty 2 CZ\DirectX\dxsetup.exe" -d "C:\Users\Roman Janas\Downloads\Call of Duty 2 CZ\Call of Duty 2 CZ\DirectX"
Task: {2A58DC17-19EC-4FB3-A407-00BAB1B84702} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {45E133AD-F3D6-4724-9B2A-E0FB074C5B22} - System32\Tasks\{3F6A2BFC-3047-4CF3-89BC-A29E1652FB8B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\sp62061.exe" -d "C:\Users\Roman Janas\Downloads"
Task: {4C7501B3-EDB2-4AC2-A669-FFAB5E70930D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5098A890-9F05-4F8F-B3FC-7AAB3654857C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {529AC17D-2297-40E3-91DC-8596953083FA} - System32\Tasks\{FC01EA8F-F8E7-4543-B09F-1144EF6FE8A2} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1\American Conquest CZ 1.1.exe" -d "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1"
Task: {591977A4-F903-4B01-99CD-AE20DD52943C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2018-02-10] (AVAST Software)
Task: {5BFA3B3F-EFFC-4245-B006-FF3B2194F62F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {7E0EDAC2-BCE8-4D84-A6AE-EFC3B937B228} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {8B026742-D86A-4B93-B241-D6E11AEACF08} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {912B34B5-D34C-439C-9972-B69CFA2FD199} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {9B2246EA-2BFE-4414-819D-64C57E6855BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {B8282474-E1BA-46B8-B6BF-35E58F8B83E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {BDAAB309-8685-4637-8740-F3DCBCD762D6} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3828099873-3605611314-608352903-1000 => C:\Users\Roman Janas\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {C1E4FA27-9505-441F-90DB-4CA61A97D864} - System32\Tasks\{0F98F8EB-2B09-460D-938F-56E7ADA6B423} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1\Extractor.exe" -d "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1"
Task: {D13FCAB9-68CF-4458-BE58-118F8FD04C73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: {F63DA266-AD03-446F-8650-BB47EE2AB5D4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {F97C00F0-D83F-4ACC-8744-F0FB4A745340} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {FF4E2E25-9E9B-4B70-BADE-6E44DADEF849} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-03-16 15:08 - 2017-03-16 15:08 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-16 15:08 - 2017-03-16 15:08 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-15 04:42 - 2014-01-15 04:42 - 000351824 _____ () C:\PROGRAMDATA\DATACARDSERVICE\HWDEVICESERVICE64.EXE
2016-11-14 14:38 - 2013-10-26 10:45 - 000651856 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
2013-10-17 22:28 - 2013-10-17 22:28 - 000028672 _____ () C:\WINDOWS\SYSTEM32\VALWBFPOLICYSERVICE.EXE
2018-03-02 22:32 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-01-10 21:12 - 2012-01-10 21:12 - 000094208 _____ () C:\WINDOWS\SYSTEM32\IccLibDll_x64.dll
2016-11-14 14:38 - 2013-08-31 06:44 - 002417152 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2016-11-14 14:38 - 2009-01-10 19:32 - 000011362 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2016-11-14 14:38 - 2009-06-23 03:42 - 000043008 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2016-11-14 14:38 - 2013-08-31 06:46 - 001148416 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2017-08-06 07:56 - 2014-05-13 11:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-08-06 07:56 - 2014-05-13 11:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-08-06 07:56 - 2014-05-13 11:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-08-06 07:56 - 2012-08-23 09:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-08-06 07:56 - 2012-04-03 16:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-11-14 18:30 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-10-18 22:58 - 2017-10-18 22:58 - 000570368 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3828099873-3605611314-608352903-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman Janas\Pictures\Picasa\Pozadí\picasabackground-003.bmp
DNS Servers: 185.67.189.2 - 185.67.189.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7DBA6CB1-0A17-409E-9034-8902FDB42699}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{46489C85-7D26-4805-B582-4E753CB23196}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{045568EF-4348-46CC-98BB-6CB9C82D28CB}C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe] => (Block) C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe
FirewallRules: [UDP Query User{7ECF431F-DD36-4892-AE2A-7B2852C2F5ED}C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe] => (Block) C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe
FirewallRules: [TCP Query User{7823293F-855B-4782-BBED-33EFFDAE2C83}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{6483C747-616A-4E21-AD8D-F5E5FC1EB477}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{106AF63B-B002-4696-BC11-F9AE5A65AB78}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{64B321F8-DE8C-4A4C-867A-7F94C270ED25}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{5AB69803-682A-4966-8D85-F94EA5D2F3C4}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{4F083AD1-652A-4F2B-A3C1-5A4FEC36D9AA}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{7F6DF90E-EFA2-4E35-928D-7C6D0751711A}] => (Allow) LPort=80
FirewallRules: [{EFD269CF-104E-4C4D-8C54-7DA0646EBFE6}] => (Allow) LPort=443
FirewallRules: [{460D3937-BFD5-47B4-91A2-1AA48B5F2CB1}] => (Allow) LPort=20010
FirewallRules: [{1297A868-1975-490B-A628-015249D0CF56}] => (Allow) LPort=3478
FirewallRules: [{285005C4-B9CF-4621-A23E-D586F934058E}] => (Allow) LPort=7850
FirewallRules: [{5287D3D8-603F-4571-8442-2FC5FC236B21}] => (Allow) LPort=7852
FirewallRules: [{8467964D-96AD-4649-8CBD-7B3FE5AA54AE}] => (Allow) LPort=7853
FirewallRules: [{DA498C50-8BB5-4B9C-B184-45034BE50922}] => (Allow) LPort=27022
FirewallRules: [{F01CFDB2-44D3-478E-A95B-08873F89AF83}] => (Allow) LPort=6881
FirewallRules: [{6E9C0245-6DC0-4566-A1FE-7A5894A4AB23}] => (Allow) LPort=33333
FirewallRules: [{0E48C419-9AAF-4274-BAAD-4BF0C632EE36}] => (Allow) LPort=20443
FirewallRules: [{B319979B-47A8-44D3-9ACA-FE28F6D49250}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{D4B3546E-4393-4D0D-9C2F-5912F66EB92B}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{B3F8893B-4D34-4F48-82D9-35EDA24379F2}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{E5441FAF-F14F-4605-84DE-54F27D3FA171}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [UDP Query User{8CDA41D3-A187-47FD-91A9-680FF8D291A2}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [TCP Query User{F8D6ECF2-2158-42B4-8C5C-F05812B77640}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Allow) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{199ECE93-372D-4BCF-9B7D-723AC005F861}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Allow) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [{4B95ECF2-3D34-4174-AA66-A999524AC735}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{2E55B530-C375-45BB-9D9B-5655774F0875}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{95489A16-8394-4B80-9E65-7D9AB5A99C30}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{446ED07F-2C24-43AC-A17A-2E97127B6558}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{9300D633-0B77-4383-A4CF-BA6EEBD99826}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A27FEED3-A574-4092-AB57-B384FE191354}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0CD1EC2B-1285-4CD6-8183-FB2F7ECF6905}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C0BAEAEA-58D9-44A7-925A-2DAB4F14EB3C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{094C1709-C1BE-4EF9-9233-62AF1954F60B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{E9EDB444-882C-4072-A1D5-FDFB9B50CF2B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{CF0C9139-0066-4D91-809B-3DF2D918E65B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{4638E5C9-C851-4B88-B08E-E0A01809CB30}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Block) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{9BC50027-5531-498E-8ABF-175F346F87CA}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Block) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [{4848FDCA-B426-4E6C-AADF-3D2560BA2839}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{8C9EB861-1322-4026-BBBF-CAA6C828F4EC}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{ABE6EC94-2FE3-46F4-8177-FB01E2F2C7B6}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{6B329426-C7AC-4353-9352-875310338CB5}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{3086C94F-A6A2-4F35-9241-DF4D2566429B}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [TCP Query User{ED87B26F-CE04-4465-A068-0696134F375A}C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [UDP Query User{D015BF35-04DB-4C7E-BB44-868FA83F70B3}C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [{CE5F6A2C-23D6-4E33-BF18-FADDD756F855}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C5CEB7B-9349-4B11-BC98-03C0E1933888}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{39C5558F-DA7E-43A7-8F9E-78D88FA53C3E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{732518DB-11B1-4AFE-B990-5FDF49F51E6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E0674AC1-ADE5-475C-BCB7-83192B7351E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Larva Mortus\larvamortus.exe
FirewallRules: [{E2343E49-7969-4D4A-AE2F-45700CEB28E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Larva Mortus\larvamortus.exe
FirewallRules: [{24FD85B3-567A-45DB-831F-685ABDAFB4E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7E81CBA5-B0A3-43EC-9BA5-AC539E0B4D17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CDE7D0BF-D022-43C8-9ACF-E2451F076ECF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

23-01-2018 17:19:26 Naplánovaný kontrolní bod
24-02-2018 13:14:56 Naplánovaný kontrolní bod
17-03-2018 09:24:17 Removed Call of Duty(R) 2
17-03-2018 09:50:59 Removed Medal of Honor Airborne Demo

==================== Faulty Device Manager Devices =============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2018 11:30:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SpywareTerminatorUpdate.exe, verze: 3.0.1.111, časové razítko: 0x58a4530a
Název chybujícího modulu: TorrentDll.dll, verze: 3.0.0.1, časové razítko: 0x4dbe5f67
Kód výjimky: 0xc0000417
Posun chyby: 0x00132780
ID chybujícího procesu: 0x1274
Čas spuštění chybující aplikace: 0x01d3bd5471ab8027
Cesta k chybující aplikaci: C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Spyware Terminator\TorrentDll.dll
ID zprávy: aa2060b6-2969-11e8-9646-70f395cc9f9f

Error: (02/24/2018 07:58:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EXPLORER.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdf25
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000003c967
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d3ada04ba9ff1b
Cesta k chybující aplikaci: C:\WINDOWS\EXPLORER.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\DUI70.dll
ID zprávy: c1de7427-1994-11e8-803e-70f395cc9f9f

Error: (02/24/2018 07:58:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EXPLORER.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdf25
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003c967
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d3ada04ba9ff1b
Cesta k chybující aplikaci: C:\WINDOWS\EXPLORER.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\DUI70.dll
ID zprávy: a2d3adfb-1994-11e8-803e-70f395cc9f9f

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8144

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8144

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2018 08:26:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7114

Error: (01/23/2018 08:26:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7114


System errors:
=============
Error: (03/17/2018 05:10:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/17/2018 05:10:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (03/17/2018 05:10:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 05:10:09 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 01:46:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/17/2018 12:55:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/17/2018 12:55:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (03/17/2018 12:55:02 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.


CodeIntegrity:
===================================

Date: 2017-09-11 14:28:26.393
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-11 14:28:25.982
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-11 14:28:25.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:24.025
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:23.689
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:23.290
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-05 16:01:51.847
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-05 16:01:51.455
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz
Percentage of memory in use: 45%
Total physical RAM: 3887.43 MB
Available physical RAM: 2104.71 MB
Total Virtual: 7773.04 MB
Available Virtual: 5973.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.47 GB) (Free:31.32 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:15 GB) (Free:14.93 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32

\\?\Volume{4f9b778f-a9f1-11e6-ada3-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AEDA26BE)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#6 Post by Rudy »

Rudy wrote: Post a new FRST+Additional log.
This is only the Additional log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Roman78
Visitor
Posts: 7
Joined: 17 Mar 2018 11:33

Re: Please check my log

#7 Post by Roman78 »

Sorry, here it is.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Roman Janas (administrator) on ROMANJANAS-PC (17-03-2018 18:14:15)
Running from C:\Users\ROMAN JANAS\Desktop
Loaded Profiles: Roman Janas (Available Profiles: Roman Janas)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
() C:\Windows\System32\valWBFPolicyService.exe
(Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Roman Janas\Downloads\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7032320 2016-11-14] (Broadcom Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (IDT, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKLM\...\RunOnce: [NCInstallQueue] => rundll32 netman.dll,ProcessQueue
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {02a7555e-aa6e-11e6-9df0-70f395cc9f9f} - G:\AutoRun.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {02a7556c-aa6e-11e6-9df0-70f395cc9f9f} - H:\AutoRun.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {21656a8e-b3f6-11e6-be46-70f395cc9f9f} - G:\SETUP.EXE
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {364afc2f-27e4-11e7-b625-70f395cc9f9f} - H:\startme.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {7a185352-34bc-11e7-afaf-806e6f6e6963} - H:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {937affd2-a057-11e7-81f4-806e6f6e6963} - H:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 185.67.189.2 185.67.189.4 8.8.8.8 192.168.0.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{40DCD0B9-030E-417E-B7A3-DC8AA7362DB7}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{4859693B-4DB1-41C2-9E5E-386A7BDB91E5}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{753B067A-F864-43F2-985C-F572FE2A3264}: [DhcpNameServer] 185.67.189.2 185.67.189.4 8.8.8.8 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {12EF96A6-F80C-4E28-B0F6-843101296C70} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {156B038D-1C90-414B-A111-194B8A28B42A} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {4DA5A8BB-3EBC-4D0E-ADDC-DAED74A27C64} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {7E1D1F3B-2046-48D3-8D4A-5200DF7E62A9} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {852013E6-A2AE-4705-8B24-AF3162E4E34A} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {93574883-556C-4BFE-B9A5-61E4569C9EB2} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {C7C34F9D-3771-43E5-9B5D-BA285C5C68B4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {CA0E9F8E-1984-413E-BF70-4EA64B8EACB1} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {FC813F90-9AD3-431A-A1FB-F23FA3EE43C4} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_28314
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard64.dll [2017-03-16] (Crawler Group, LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard.dll [2017-03-16] (Crawler Group, LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)

FireFox:
========
FF DefaultProfile: rt69lvcy.default
FF ProfilePath: C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default [2018-03-17]
FF Homepage: Mozilla\Firefox\Profiles\rt69lvcy.default -> hxxps://www.google.cz/
FF Extension: (FindBar Tweak) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\fbt@quicksaver.xpi [2017-01-28] [Legacy]
FF Extension: (Google search link fix) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2018-01-11]
FF Extension: (Instant Translate: Select and Translate) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\jid1-TMndP6cdKgxLcQ@jetpack.xpi [2017-09-29]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\sko-extension@firma.seznam.cz [2018-03-17]
FF Extension: (Google Translator for Firefox) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\translator@zoli.bod.xpi [2018-01-02]
FF Extension: (YouTube High Definition) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2018-01-02]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2018-03-17]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-16] ()
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2016-10-26] (Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-16] ()
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2016-12-27] ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-09] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3828099873-3605611314-608352903-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Roman Janas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-03-23]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.cz/","hxxp://google.cz/","ww ... oogle.com/"
CHR Profile: C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default [2018-03-17]
CHR Extension: (Prezentace) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-30]
CHR Extension: (Dokumenty) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-30]
CHR Extension: (Task Timer) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomfjmibjhhfdenfkpaodhnlhkolngif [2017-09-17]
CHR Extension: (Disk Google) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-17]
CHR Extension: (Fotor Photo Editor) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf [2017-09-17]
CHR Extension: (Zhasnout světla) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2018-03-16]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-01-23]
CHR Extension: (YouTube) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-17]
CHR Extension: (Guitar Tuner) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhglmpmegfnbclojedloihcbkemoiddi [2017-09-17]
CHR Extension: (Gmail Offline) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2017-09-17]
CHR Extension: (bílý šum) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkjpdnomgodmagfmhojepjlajpoicip [2018-03-16]
CHR Extension: (Box) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2017-09-17]
CHR Extension: (Hodiny pro Google Chrome ™) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg [2017-09-17]
CHR Extension: (Photovisi - Photo Collage Maker) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\emkkfkcbnpdnhgeolpbggbdogfngiadf [2017-09-17]
CHR Extension: (YoWindow Počasí Zdarma) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef [2017-09-17]
CHR Extension: (Tabulky) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-30]
CHR Extension: (Stupeflix Video Maker) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkdmcfnoimoilncpjchamnenebopocem [2017-09-17]
CHR Extension: (Stopky / časovač) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh [2018-01-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-18]
CHR Extension: (Planetarium) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2017-09-17]
CHR Extension: (AdBlock) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-16]
CHR Extension: (DocuSign - Secure Electronic Signature) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\goblijolcnempeilmnkmfbhohlpngemd [2017-09-17]
CHR Extension: (365Scores) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gocaejggjgdmkhmbinicknpbhagkblop [2017-09-17]
CHR Extension: (TiltShiftMaker) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjofhgnhekhkccpcnnloagmdpafifeo [2017-09-17]
CHR Extension: (Pixlr Express) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2017-09-17]
CHR Extension: (Google Play Music) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2017-09-17]
CHR Extension: (The Weather Channel for Chrome) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2017-09-17]
CHR Extension: (Cycling the Alps) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihklobncbkangkiiamccfgnlihbmjhlh [2017-09-17]
CHR Extension: (Austin Marti Photography) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdndehbljljplchkfgmfepkncbcaobo [2017-09-17]
CHR Extension: (Until AM Web App) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2017-09-17]
CHR Extension: (Google Play) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2017-09-17]
CHR Extension: (Mapy Google) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-09-17]
CHR Extension: (ButtonBeats Guitar) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf [2017-09-17]
CHR Extension: (Onlive Clock) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\moddbcckaikhdnigidfcmaeelcobchpm [2017-09-17]
CHR Extension: (WGT Golf Game) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb [2017-09-17]
CHR Extension: (Google Input Tools) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig [2017-09-17]
CHR Extension: (Curling) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp [2017-09-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-17]
CHR Extension: (Hover Zoom) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2018-03-16]
CHR Extension: (WeVideo - Video Editor and Maker) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb [2017-09-17]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-23]
CHR Extension: (Google Publisher Toolbar) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc [2018-02-15]
CHR Extension: (Picasa) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2017-09-17]
CHR Extension: (Click&Clean App) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2018-03-16]
CHR Extension: (Psykopaint) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2017-09-17]
CHR Extension: (Evernote Web Clipper) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2018-01-23]
CHR Extension: (Gmail) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-17]
CHR Extension: (Chrome Media Router) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-15]
CHR Extension: (Projecturf) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfblbfhlabmoeeapniingkgbpaakicf [2017-09-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2836296 2016-12-14] (ESET)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 MBAMService; C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMSERVICE.EXE [6234056 2017-11-01] (Malwarebytes)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] ()
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3292416 2017-03-16] (Crawler Group, LLC)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (IDT, Inc.)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28672 2013-10-17] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2016-11-14] (Broadcom Corporation) [File not signed]
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2205568 2017-05-31] (Sony)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-11-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-11-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-11-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-14] (AVAST Software)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132272 2016-12-13] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180544 2016-12-13] (ESET)
R1 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [70960 2016-12-13] (ESET)
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [380672 2014-09-30] (Huawei Technologies Co., Ltd.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-03-17] (Malwarebytes)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows (R) Win 7 DDK provider)
R2 WinDivert1.2; C:\Windows\system32\drivers\WinDivert64.sys [37552 2017-08-25] (Basil)
S3 cpuz130; \??\C:\Users\ROMANJ~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X] <==== ATTENTION
S3 X6va064; \??\C:\Windows\SysWOW64\Drivers\X6va064 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-17 18:14 - 2018-03-17 18:16 - 000028845 _____ C:\Users\Roman Janas\Desktop\FRST.txt
2018-03-17 18:13 - 2018-03-17 18:13 - 000015327 _____ C:\Users\Roman Janas\Desktop\LM.bat
2018-03-17 12:45 - 2018-03-17 12:53 - 000000000 ____D C:\AdwCleaner
2018-03-17 12:43 - 2018-03-17 12:43 - 008222496 _____ (Malwarebytes) C:\Users\Roman Janas\Desktop\adwcleaner_7.0.8.0.exe
2018-03-17 11:29 - 2018-03-17 17:23 - 000082698 _____ C:\Users\Roman Janas\Desktop\FRST3.txt
2018-03-17 11:19 - 2018-03-17 11:19 - 000112640 _____ (forum.viry.cz) C:\Users\Roman Janas\Downloads\FRSTLauncher.exe
2018-03-17 11:18 - 2018-03-17 18:14 - 000000000 ____D C:\FRST
2018-03-17 11:18 - 2018-03-17 11:18 - 002403328 _____ (Farbar) C:\Users\Roman Janas\Desktop\FRST64.exe
2018-03-17 10:43 - 2018-03-17 10:43 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2018-03-17 10:43 - 2018-03-17 10:43 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2018-03-17 10:42 - 2018-03-17 10:48 - 000000000 ____D C:\ProgramData\SystemExplorer
2018-03-17 10:42 - 2018-03-17 10:42 - 000001086 _____ C:\Users\Public\Desktop\System Explorer.lnk
2018-03-17 10:42 - 2018-03-17 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2018-03-17 10:42 - 2018-03-17 10:42 - 000000000 ____D C:\Program Files (x86)\System Explorer
2018-03-17 10:39 - 2018-03-17 10:39 - 009372136 _____ C:\Users\Roman Janas\Downloads\SystemExplorerSetup_700.exe
2018-03-17 10:25 - 2018-03-17 10:53 - 000007606 _____ C:\Users\Roman Janas\AppData\Local\resmon.resmoncfg
2018-03-16 19:37 - 2018-03-16 19:37 - 000004550 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-02 22:32 - 2018-03-17 17:10 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-03-02 22:32 - 2018-03-02 22:32 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-03-02 22:32 - 2018-03-02 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-02 22:31 - 2018-03-02 22:31 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2018-03-02 22:31 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-02-24 20:02 - 2018-02-24 20:30 - 1714255872 _____ C:\Users\Roman Janas\Downloads\Putovani s Dinosaury (2013) CZ+SK Dabing - Moviestyl.avi
2018-02-24 20:02 - 2018-02-24 20:21 - 1158924288 _____ C:\Users\Roman Janas\Downloads\Capitan-America---Návrat-prvého-Avengera-cz-dabing (1).avi
2018-02-24 17:56 - 2018-02-24 20:54 - 1705556778 _____ C:\Users\Roman Janas\Downloads\Capitan America 1-Prvni Avenger (2011).avi
2018-02-21 21:43 - 2018-02-21 21:44 - 068685248 _____ C:\Users\Roman Janas\Downloads\Intel_multi-device_A13_R171131.exe
2018-02-21 21:43 - 2018-02-21 21:44 - 008345792 _____ C:\Users\Roman Janas\Downloads\R171789.exe
2018-02-17 22:20 - 2018-02-17 22:23 - 000000000 ____D C:\Users\Roman Janas\Desktop\Lucinka 18
2018-02-16 16:33 - 2018-02-16 16:48 - 1784640462 _____ C:\Users\Roman Janas\Downloads\Bitva o Sevastopol _ Nezlomná _ Битва за Севастополь _ Незламна _ Battle for Sevastopol 2015, CZ.mkv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-17 17:24 - 2016-11-20 00:21 - 000000000 ____D C:\Users\Roman Janas\AppData\LocalLow\Mozilla
2018-03-17 17:18 - 2009-07-14 05:45 - 000018256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-17 17:18 - 2009-07-14 05:45 - 000018256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-17 17:10 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-17 12:32 - 2017-05-29 14:06 - 000000000 ____D C:\Users\Roman Janas\Downloads\vše
2018-03-17 10:43 - 2016-11-23 18:17 - 000000000 ____D C:\Users\Roman Janas\AppData\Roaming\Seznam.cz
2018-03-17 09:56 - 2017-08-16 05:11 - 000000000 ____D C:\Program Files (x86)\Steam
2018-03-17 09:53 - 2017-04-23 15:41 - 000000000 ____D C:\Windows\system32\appmgmt
2018-03-17 09:30 - 2017-02-26 08:44 - 000000000 ____D C:\Users\Roman Janas\Counter-Strike 1.6
2018-03-17 09:23 - 2016-11-26 19:04 - 000000000 ____D C:\Program Files (x86)\CorePack
2018-03-17 08:04 - 2016-11-19 09:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-03-17 08:04 - 2016-11-14 14:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-16 23:30 - 2017-06-03 22:00 - 000000000 ____D C:\Users\Roman Janas\AppData\Local\CrashDumps
2018-03-16 20:12 - 2017-09-17 20:46 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-16 20:12 - 2017-09-17 20:46 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-16 19:37 - 2016-11-14 16:05 - 000804352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-03-16 19:37 - 2016-11-14 16:05 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-16 19:37 - 2016-11-14 16:05 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-03-16 19:36 - 2016-11-14 16:05 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-03-16 19:36 - 2016-11-14 16:05 - 000000000 ____D C:\Windows\system32\Macromed
2018-03-02 21:50 - 2016-11-18 23:09 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-25 09:09 - 2016-11-18 23:08 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-24 17:53 - 2009-07-14 16:18 - 000668792 _____ C:\Windows\system32\perfh005.dat
2018-02-24 17:53 - 2009-07-14 16:18 - 000141420 _____ C:\Windows\system32\perfc005.dat
2018-02-24 17:53 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-24 17:53 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-02-24 17:18 - 2009-07-14 06:08 - 000032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-02-21 21:37 - 2017-04-16 05:12 - 000000000 ____D C:\ProgramData\Spyware Terminator

==================== Files in the root of some directories =======

2016-12-22 16:46 - 2017-03-16 21:44 - 000009216 _____ () C:\Users\Roman Janas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-25 12:04 - 2017-08-25 12:04 - 000140800 _____ () C:\Users\Roman Janas\AppData\Local\installer.dat
2017-06-13 18:14 - 2017-06-13 18:31 - 049979264 _____ (Sony) C:\Users\Roman Janas\AppData\Local\pcc.exe
2018-03-17 10:25 - 2018-03-17 10:53 - 000007606 _____ () C:\Users\Roman Janas\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-24 13:07

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a log check

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {02a7555e-aa6e-11e6-9df0-70f395cc9f9f} - G:\AutoRun.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {02a7556c-aa6e-11e6-9df0-70f395cc9f9f} - H:\AutoRun.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {21656a8e-b3f6-11e6-be46-70f395cc9f9f} - G:\SETUP.EXE
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {364afc2f-27e4-11e7-b625-70f395cc9f9f} - H:\startme.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {7a185352-34bc-11e7-afaf-806e6f6e6963} - H:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {937affd2-a057-11e7-81f4-806e6f6e6963} - H:\AutoRun.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 X6va064; \??\C:\Windows\SysWOW64\Drivers\X6va064 [X]
C:\Users\Roman Janas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {D13FCAB9-68CF-4458-BE58-118F8FD04C73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: {FF4E2E25-9E9B-4B70-BADE-6E44DADEF849} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Roman78
Visitor
Posts: 7
Registered: 17 Mar 2018 11:33

Re: Request for a log check

#9 Post by Roman78 »

LastRegBack: 2018-02-24 13:07

==================== End of FRST.txt ============================

and

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Roman Janas (17-03-2018 19:18:19)
Running from C:\Users\ROMAN JANAS\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-11-13 22:43:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3828099873-3605611314-608352903-500 - Administrator - Disabled)
Guest (S-1-5-21-3828099873-3605611314-608352903-501 - Limited - Disabled)
Roman Janas (S-1-5-21-3828099873-3605611314-608352903-1000 - Administrator - Enabled) => C:\Users\Roman Janas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 10.0.390.0 (Enabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus 10.0.390.0 (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark03 (HKLM-x32\...\{FF35F637-72B9-43BE-A281-06EB2854393A}) (Version: 3.6.2 - Futuremark Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
American Conquest (HKLM-x32\...\American Conquest) (Version: - )
Apowersoft Online Launcher verze 1.6.1 (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.6.1 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.149 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.149 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CoD 2 čeština (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S]al!er!)
Counter-Strike 1.6 (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\Counter-Strike 1.6) (Version: - )
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DjVu Viewer (HKLM-x32\...\{3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1) (Version: - djvuviewer.com)
Document Express DjVu Plug-in (HKLM\...\{63D38589-F9D9-4851-A37F-E142A8D14A32}) (Version: 6.1.35472 - Cuminas Corporation)
Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - )
ESET NOD32 Antivirus (HKLM\...\{D44F6B96-987A-47FF-AC37-4C82CD9DAE15}) (Version: 10.0.386.1 - ESET, spol. s r.o.)
Facebook Gameroom 1.8.6429.23271 (HKLM-x32\...\{D71E0CAE-F4B3-499E-B515-396B02139A39}) (Version: 1.8.6429.23271 - Facebook)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.1.1115 - Foxit Software Inc.)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.162 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HL-2130 (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
HP Battery Check (HKLM-x32\...\HP Battery Check) (Version: 4.3.2.2 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{7C3170E8-E61A-41D9-8547-8E96445EA510}) (Version: 12.8.47.1 - HP Inc.)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.3268 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0 (x64 en-US)) (Version: 60.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.0.6648 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{6D45EF03-E8EE-4355-81C3-F918CBCF1029}) (Version: 8.3.309 - Nero AG)
Nero 9 Essentials (HKLM-x32\...\{6c2cf816-e4bb-4610-87b9-856901d3e81b}) (Version: - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{59C6E86A-14A9-47FD-9EE8-8D9DA864E0AF}) (Version: 12.5.01300 - Nero AG)
NeroVision Express 3 (HKLM-x32\...\NeroVision!UninstallKey) (Version: - )
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Roblox Player for Roman Janas (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
ROBLOX Studio for Roman Janas (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Ruská - rozložení jako latinka (1.1.1) (HKLM\...\{99CD43A2-7D5D-48C9-AF37-D42202648235}) (Version: 1.0.3.40 - Đonny)
SCR3xxx Smart Card Reader (HKLM-x32\...\{6DA99C69-0799-467E-9496-F37E1E452A4A}) (Version: 8.40 - SCM Microsystems)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\SeznamInstall) (Version: 2.1.30 - Seznam.cz)
Služba Xperia Companion (HKLM\...\{86C9336F-6376-4E86-A09A-EA7177DEC3D5}) (Version: 1.7.2.0 - Sony) Hidden
Sothink FLV Player (HKLM-x32\...\{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1) (Version: 2.3 - SourceTec Software Co., LTD)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.112 - Crawler Group)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streaming Audio Recorder V4.1.8 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.1.8 - APOWERSOFT LIMITED)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
Unity Web Player (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{058506CE-4E1C-4087-878E-61D8B5F8F47A}) (Version: 1.7.2.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{65415473-2761-4ee3-85c1-5fdf086444c6}) (Version: 1.7.2.0 - Sony)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1704.2.22 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG)
ContextMenuHandlers1-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers1-x32: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers1-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-06] (Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02C34753-094D-45C5-B82A-1231BD30BE2A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {0EC8968F-2476-4D90-82C5-565B8E0E7EC9} - System32\Tasks\{7EA5EC10-EEFB-4000-87DD-9778FBCEF30C} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\Call of Duty 2 CZ\Call of Duty 2 CZ\DirectX\dxsetup.exe" -d "C:\Users\Roman Janas\Downloads\Call of Duty 2 CZ\Call of Duty 2 CZ\DirectX"
Task: {2A58DC17-19EC-4FB3-A407-00BAB1B84702} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {45E133AD-F3D6-4724-9B2A-E0FB074C5B22} - System32\Tasks\{3F6A2BFC-3047-4CF3-89BC-A29E1652FB8B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\sp62061.exe" -d "C:\Users\Roman Janas\Downloads"
Task: {4C7501B3-EDB2-4AC2-A669-FFAB5E70930D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5098A890-9F05-4F8F-B3FC-7AAB3654857C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {529AC17D-2297-40E3-91DC-8596953083FA} - System32\Tasks\{FC01EA8F-F8E7-4543-B09F-1144EF6FE8A2} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1\American Conquest CZ 1.1.exe" -d "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1"
Task: {591977A4-F903-4B01-99CD-AE20DD52943C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2018-02-10] (AVAST Software)
Task: {5BFA3B3F-EFFC-4245-B006-FF3B2194F62F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {7E0EDAC2-BCE8-4D84-A6AE-EFC3B937B228} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {8B026742-D86A-4B93-B241-D6E11AEACF08} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {912B34B5-D34C-439C-9972-B69CFA2FD199} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {9B2246EA-2BFE-4414-819D-64C57E6855BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {B8282474-E1BA-46B8-B6BF-35E58F8B83E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {BDAAB309-8685-4637-8740-F3DCBCD762D6} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3828099873-3605611314-608352903-1000 => C:\Users\Roman Janas\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {C1E4FA27-9505-441F-90DB-4CA61A97D864} - System32\Tasks\{0F98F8EB-2B09-460D-938F-56E7ADA6B423} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1\Extractor.exe" -d "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1"
Task: {F63DA266-AD03-446F-8650-BB47EE2AB5D4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {F97C00F0-D83F-4ACC-8744-F0FB4A745340} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-03-16 15:08 - 2017-03-16 15:08 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-16 15:08 - 2017-03-16 15:08 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-15 04:42 - 2014-01-15 04:42 - 000351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-11-14 14:38 - 2013-10-26 10:45 - 000651856 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
2013-10-17 22:28 - 2013-10-17 22:28 - 000028672 _____ () C:\WINDOWS\SYSTEM32\VALWBFPOLICYSERVICE.EXE
2018-03-02 22:32 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 000094208 _____ () C:\WINDOWS\SYSTEM32\IccLibDll_x64.dll
2016-11-14 14:38 - 2013-08-31 06:44 - 002417152 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2016-11-14 14:38 - 2009-01-10 19:32 - 000011362 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2016-11-14 14:38 - 2009-06-23 03:42 - 000043008 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2016-11-14 14:38 - 2013-08-31 06:46 - 001148416 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2017-08-06 07:56 - 2014-05-13 11:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-08-06 07:56 - 2014-05-13 11:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-08-06 07:56 - 2014-05-13 11:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-08-06 07:56 - 2012-08-23 09:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-08-06 07:56 - 2012-04-03 16:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-11-14 18:30 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-10-18 22:58 - 2017-10-18 22:58 - 000570368 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3828099873-3605611314-608352903-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman Janas\Pictures\Picasa\Pozadí\picasabackground-003.bmp
DNS Servers: 185.67.189.2 - 185.67.189.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7DBA6CB1-0A17-409E-9034-8902FDB42699}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{46489C85-7D26-4805-B582-4E753CB23196}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{045568EF-4348-46CC-98BB-6CB9C82D28CB}C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe] => (Block) C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe
FirewallRules: [UDP Query User{7ECF431F-DD36-4892-AE2A-7B2852C2F5ED}C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe] => (Block) C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe
FirewallRules: [TCP Query User{7823293F-855B-4782-BBED-33EFFDAE2C83}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{6483C747-616A-4E21-AD8D-F5E5FC1EB477}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{106AF63B-B002-4696-BC11-F9AE5A65AB78}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{64B321F8-DE8C-4A4C-867A-7F94C270ED25}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{5AB69803-682A-4966-8D85-F94EA5D2F3C4}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{4F083AD1-652A-4F2B-A3C1-5A4FEC36D9AA}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{7F6DF90E-EFA2-4E35-928D-7C6D0751711A}] => (Allow) LPort=80
FirewallRules: [{EFD269CF-104E-4C4D-8C54-7DA0646EBFE6}] => (Allow) LPort=443
FirewallRules: [{460D3937-BFD5-47B4-91A2-1AA48B5F2CB1}] => (Allow) LPort=20010
FirewallRules: [{1297A868-1975-490B-A628-015249D0CF56}] => (Allow) LPort=3478
FirewallRules: [{285005C4-B9CF-4621-A23E-D586F934058E}] => (Allow) LPort=7850
FirewallRules: [{5287D3D8-603F-4571-8442-2FC5FC236B21}] => (Allow) LPort=7852
FirewallRules: [{8467964D-96AD-4649-8CBD-7B3FE5AA54AE}] => (Allow) LPort=7853
FirewallRules: [{DA498C50-8BB5-4B9C-B184-45034BE50922}] => (Allow) LPort=27022
FirewallRules: [{F01CFDB2-44D3-478E-A95B-08873F89AF83}] => (Allow) LPort=6881
FirewallRules: [{6E9C0245-6DC0-4566-A1FE-7A5894A4AB23}] => (Allow) LPort=33333
FirewallRules: [{0E48C419-9AAF-4274-BAAD-4BF0C632EE36}] => (Allow) LPort=20443
FirewallRules: [{B319979B-47A8-44D3-9ACA-FE28F6D49250}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{D4B3546E-4393-4D0D-9C2F-5912F66EB92B}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{B3F8893B-4D34-4F48-82D9-35EDA24379F2}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{E5441FAF-F14F-4605-84DE-54F27D3FA171}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [UDP Query User{8CDA41D3-A187-47FD-91A9-680FF8D291A2}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [TCP Query User{F8D6ECF2-2158-42B4-8C5C-F05812B77640}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Allow) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{199ECE93-372D-4BCF-9B7D-723AC005F861}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Allow) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [{4B95ECF2-3D34-4174-AA66-A999524AC735}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{2E55B530-C375-45BB-9D9B-5655774F0875}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{95489A16-8394-4B80-9E65-7D9AB5A99C30}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{446ED07F-2C24-43AC-A17A-2E97127B6558}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{9300D633-0B77-4383-A4CF-BA6EEBD99826}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A27FEED3-A574-4092-AB57-B384FE191354}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0CD1EC2B-1285-4CD6-8183-FB2F7ECF6905}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C0BAEAEA-58D9-44A7-925A-2DAB4F14EB3C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{094C1709-C1BE-4EF9-9233-62AF1954F60B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{E9EDB444-882C-4072-A1D5-FDFB9B50CF2B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{CF0C9139-0066-4D91-809B-3DF2D918E65B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{4638E5C9-C851-4B88-B08E-E0A01809CB30}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Block) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{9BC50027-5531-498E-8ABF-175F346F87CA}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Block) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [{4848FDCA-B426-4E6C-AADF-3D2560BA2839}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{8C9EB861-1322-4026-BBBF-CAA6C828F4EC}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{ABE6EC94-2FE3-46F4-8177-FB01E2F2C7B6}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{6B329426-C7AC-4353-9352-875310338CB5}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{3086C94F-A6A2-4F35-9241-DF4D2566429B}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [TCP Query User{ED87B26F-CE04-4465-A068-0696134F375A}C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [UDP Query User{D015BF35-04DB-4C7E-BB44-868FA83F70B3}C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [{CE5F6A2C-23D6-4E33-BF18-FADDD756F855}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C5CEB7B-9349-4B11-BC98-03C0E1933888}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{39C5558F-DA7E-43A7-8F9E-78D88FA53C3E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{732518DB-11B1-4AFE-B990-5FDF49F51E6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E0674AC1-ADE5-475C-BCB7-83192B7351E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Larva Mortus\larvamortus.exe
FirewallRules: [{E2343E49-7969-4D4A-AE2F-45700CEB28E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Larva Mortus\larvamortus.exe
FirewallRules: [{24FD85B3-567A-45DB-831F-685ABDAFB4E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7E81CBA5-B0A3-43EC-9BA5-AC539E0B4D17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CDE7D0BF-D022-43C8-9ACF-E2451F076ECF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

23-01-2018 17:19:26 Naplánovaný kontrolní bod
24-02-2018 13:14:56 Naplánovaný kontrolní bod
17-03-2018 09:24:17 Removed Call of Duty(R) 2
17-03-2018 09:50:59 Removed Medal of Honor Airborne Demo

==================== Faulty Device Manager Devices =============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2018 11:30:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SpywareTerminatorUpdate.exe, verze: 3.0.1.111, časové razítko: 0x58a4530a
Název chybujícího modulu: TorrentDll.dll, verze: 3.0.0.1, časové razítko: 0x4dbe5f67
Kód výjimky: 0xc0000417
Posun chyby: 0x00132780
ID chybujícího procesu: 0x1274
Čas spuštění chybující aplikace: 0x01d3bd5471ab8027
Cesta k chybující aplikaci: C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Spyware Terminator\TorrentDll.dll
ID zprávy: aa2060b6-2969-11e8-9646-70f395cc9f9f

Error: (02/24/2018 07:58:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EXPLORER.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdf25
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000003c967
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d3ada04ba9ff1b
Cesta k chybující aplikaci: C:\WINDOWS\EXPLORER.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\DUI70.dll
ID zprávy: c1de7427-1994-11e8-803e-70f395cc9f9f

Error: (02/24/2018 07:58:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EXPLORER.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdf25
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003c967
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d3ada04ba9ff1b
Cesta k chybující aplikaci: C:\WINDOWS\EXPLORER.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\DUI70.dll
ID zprávy: a2d3adfb-1994-11e8-803e-70f395cc9f9f

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8144

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8144

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2018 08:26:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7114

Error: (01/23/2018 08:26:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7114


System errors:
=============
Error: (03/17/2018 07:08:17 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (03/17/2018 07:08:07 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 07:08:01 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 07:07:46 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 07:07:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/17/2018 07:07:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (03/17/2018 07:07:24 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 07:07:23 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.


CodeIntegrity:
===================================

Date: 2017-09-11 14:28:26.393
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-11 14:28:25.982
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-11 14:28:25.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:24.025
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:23.689
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:23.290
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-05 16:01:51.847
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-05 16:01:51.455
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz
Percentage of memory in use: 47%
Total physical RAM: 3887.43 MB
Available physical RAM: 2042.54 MB
Total Virtual: 7773.04 MB
Available Virtual: 5371.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.47 GB) (Free:32.29 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:15 GB) (Free:14.93 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32

\\?\Volume{4f9b778f-a9f1-11e6-ada3-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AEDA26BE)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#10 Post by Rudy »

The Addition log is of no use. I need to see the contents of the fixlog.txt file.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Roman78
Visitor
Posts: 7
Registered: 17 Mar 2018 11:33

Re: Please check my log

#11 Post by Roman78 »

Hopefully this is the one

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Roman Janas (17-03-2018 19:02:46) Run:1
Running from C:\Users\ROMAN JANAS\Desktop
Loaded Profiles: Roman Janas (Available Profiles: Roman Janas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {02a7555e-aa6e-11e6-9df0-70f395cc9f9f} - G:\AutoRun.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {02a7556c-aa6e-11e6-9df0-70f395cc9f9f} - H:\AutoRun.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {21656a8e-b3f6-11e6-be46-70f395cc9f9f} - G:\SETUP.EXE
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {364afc2f-27e4-11e7-b625-70f395cc9f9f} - H:\startme.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {7a185352-34bc-11e7-afaf-806e6f6e6963} - H:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {937affd2-a057-11e7-81f4-806e6f6e6963} - H:\AutoRun.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 X6va064; \??\C:\Windows\SysWOW64\Drivers\X6va064 [X]
C:\Users\Roman Janas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {D13FCAB9-68CF-4458-BE58-118F8FD04C73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: {FF4E2E25-9E9B-4B70-BADE-6E44DADEF849} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKU\S-1-5-21-3828099873-3605611314-608352903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02a7555e-aa6e-11e6-9df0-70f395cc9f9f}" => removed successfully
HKLM\Software\Classes\CLSID\{02a7555e-aa6e-11e6-9df0-70f395cc9f9f} => not found
"HKU\S-1-5-21-3828099873-3605611314-608352903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02a7556c-aa6e-11e6-9df0-70f395cc9f9f}" => removed successfully
HKLM\Software\Classes\CLSID\{02a7556c-aa6e-11e6-9df0-70f395cc9f9f} => not found
"HKU\S-1-5-21-3828099873-3605611314-608352903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21656a8e-b3f6-11e6-be46-70f395cc9f9f}" => removed successfully
HKLM\Software\Classes\CLSID\{21656a8e-b3f6-11e6-be46-70f395cc9f9f} => not found
"HKU\S-1-5-21-3828099873-3605611314-608352903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{364afc2f-27e4-11e7-b625-70f395cc9f9f}" => removed successfully
HKLM\Software\Classes\CLSID\{364afc2f-27e4-11e7-b625-70f395cc9f9f} => not found
"HKU\S-1-5-21-3828099873-3605611314-608352903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a185352-34bc-11e7-afaf-806e6f6e6963}" => removed successfully
HKLM\Software\Classes\CLSID\{7a185352-34bc-11e7-afaf-806e6f6e6963} => not found
"HKU\S-1-5-21-3828099873-3605611314-608352903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{937affd2-a057-11e7-81f4-806e6f6e6963}" => removed successfully
HKLM\Software\Classes\CLSID\{937affd2-a057-11e7-81f4-806e6f6e6963} => not found
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\System\CurrentControlSet\Services\X6va064" => removed successfully
X6va064 => service removed successfully
C:\Users\Roman Janas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D13FCAB9-68CF-4458-BE58-118F8FD04C73}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D13FCAB9-68CF-4458-BE58-118F8FD04C73}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF4E2E25-9E9B-4B70-BADE-6E44DADEF849}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF4E2E25-9E9B-4B70-BADE-6E44DADEF849}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 52489208 B
Java, Flash, Steam htmlcache => 19312219 B
Windows/system/drivers => 2151370 B
Edge => 0 B
Chrome => 266747752 B
Firefox => 426959549 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58558540 B
systemprofile32 => 66228 B
LocalService => 66228 B
NetworkService => 66228 B
Roman Janas => 247446417 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:05:43 ====

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#12 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Roman78
Visitor
Posts: 7
Joined: 17 Mar 2018 11:33

Re: Please check my log

#13 Post by Roman78 »

Memory stays at around 73 percent. There is no more visible freezing, and above all the fan no longer starts up noisily. It looks good. Thank you very much.

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#14 Post by Rudy »

I'm glad to hear that. You're welcome! :)