Prosím o kontrolu logu

[Kodlz]

jeste Addition.txt poprosim

[Spikl]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2017
Ran by Dios (05-03-2017 17:52:23)
Running from C:\Users\Dios\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-15 07:12:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2675517426-136286855-1641891982-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2675517426-136286855-1641891982-503 - Limited - Disabled)
Dios (S-1-5-21-2675517426-136286855-1641891982-1001 - Administrator - Enabled) => C:\Users\Dios
Guest (S-1-5-21-2675517426-136286855-1641891982-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2675517426-136286855-1641891982-1007 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.2 - )
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2014 (HKLM-x32\...\{23E55F00-CE7A-4860-AF2A-69F3A5F8E54A}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bentley View V8i (SELECTseries 3) 08.11.09.459 (HKLM-x32\...\{ED98991E-E69D-44E1-828F-3F1C23FD95E0}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Build Trial Package (HKLM-x32\...\{09A9CD6B-8C7B-43C1-B05D-02087226EA41}) (Version: 1.4.0 - Software Imaging)
Business Functions (HKLM-x32\...\Business Functions_is1) (Version: - Business Functions Ltd)
C310 (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Canon MF Toolbox 4.9.1.1.mf12 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf12 - CANON INC.)
Canon MF5900 Series (HKLM\...\{47C39213-7CE2-4eb0-A112-11671C0072A0}) (Version: 3.9.0.0 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
Cortona3D Viewer (HKLM\...\{DEACDFFA-D424-416F-B849-FA282F55B2CE}) (Version: 7.0.188 - ParallelGraphics)
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
DIY DataRecovery CHK-Mate (HKLM-x32\...\CHK-Mate_is1) (Version: 1.0 - DIY DataRecovery.nl)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DraftSight x64 (HKLM\...\{18D88174-BDBF-4BBF-B05C-3C75F609E44A}) (Version: 12.1.1077 - Dassault Systemes)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.101 - EasternGraphics)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 17.101 (20170201_17) - CÍGLER SOFTWARE, a.s.)
Elevated Installer (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Firebird 1.5.5 (HKLM-x32\...\FBDBServer_1_5_is1) (Version: - Firebird Project)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{5BAA8884-F661-464B-B5B2-5C6C632BFC21}) (Version: 7.1.4.1529 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LaserJet 400 MFP M425 (HKLM-x32\...\{568705AA-DD8A-4134-B8B9-9609721FBBCE}) (Version: 15.0.15188.1460 - Hewlett-Packard)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP Photo Creations (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP)
HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{4E484899-4F93-4086-88BA-56BDDF47A776}) (Version: 14.0 - HP)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{6B5E7B4F-64A2-4DEB-B210-0DD92F940A01}) (Version: 3.0.3.9925 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP SoftPaq Download Manager (HKLM-x32\...\{FE465061-894A-4023-8580-56FCDD4F23F9}) (Version: 3.4.4.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.50.9 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM425DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPDXP (x32 Version: 3.0.26.11 - HP) Hidden
HPLaserJet400MFP-M425_HelpLearnCenter_SI (HKLM-x32\...\{55D8D1AB-94C2-498F-A165-608B834A30EA}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (x32 Version: 140.069.007 - HP) Hidden
HPLJUTCore (x32 Version: 014.000.0001 - HP) Hidden
HPLJUTM425 (x32 Version: 3.00.0003 - HP) Hidden
hppFaxDrvM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppFaxDrvM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM425LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM425 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
iCloud (HKLM\...\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}) (Version: 6.1.2.13 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Incomedia WebSite X5 v11 - Home (HKLM-x32\...\{C5743DB8-7BDF-47D3-8D41-0BBD487B48A1}_is1) (Version: 11.0.6.27 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
InterBase 6 Client Open Edition - 6.0.2.0 (HKLM-x32\...\InterBase 6 Client Open Edition - 6.0.2.0) (Version: - InterBase Installation Info)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
iPhone Converter version 1.3.2.0 (HKLM\...\{B27852AB-618E-4879-AEBF-D183F25543E8}_is1) (Version: - )
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Knihovna TurboFLOORPLANu (HKLM-x32\...\TurboFloorPlan-5.0.0) (Version: 5.0 - Špinar software s.r.o.)
KROSplus (HKLM-x32\...\{5553C7DB-998F-4029-9E7E-F323A326C4B8}) (Version: 13.00 - KROS a.s.)
Licenční server verze 3.002 (HKLM-x32\...\Licenční server verze 3.002) (Version: - )
LJDXPHelperUI (x32 Version: 140.069.007 - HP) Hidden
Magic Academy 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Project Professional 2003 (HKLM-x32\...\{903B0405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mobipocket Creator 4.2 (HKLM-x32\...\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}) (Version: 4.2.41 - Mobipocket.com)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 51.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 cs)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
NemKalk 7.13 (HKLM-x32\...\NemKalk7_is1) (Version: - )
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nitro Pro 8 (HKLM\...\{522D6D76-B109-4C83-BA3C-D26D08391EBC}) (Version: 8.0.10.7 - Nitro)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.9.0.71 - Symantec Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
pCon.planner STD (64 bit) (HKLM\...\{6DDB6C07-B345-4B5F-B573-EE9DAEEB328C}) (Version: 7.3.0.104 - EasternGraphics)
PČS SmartClient (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ee485056d1c5a354) (Version: 2.1.9.10 - Pojišťovna České spořitelny)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.33 - PDF Complete, Inc)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.316.1 - Tracker Software Products Ltd)
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.199.199.0 - Tracker Software Products Ltd)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Poker at bet365 (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\bet365poker) (Version: - )
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poradce, verze 1.38/1 (HKLM-x32\...\Hledik - Poradce) (Version: 1.38/1 - )
PS_AIO_07_C310_SW_Min (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden
RTS Stavitel+ 2014 (HKLM-x32\...\RTS Stavitel+_is1) (Version: - )
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Simulace_PCS (HKLM-x32\...\{FA632E53-37C3-44E4-BAE7-AEC897066D98}) (Version: 1.0.0 - Microsoft)
SketchUp 8 (HKLM-x32\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SmartMaps OCX pro Money S3, verze 2.0.2.5 (HKLM-x32\...\OCXMaps_is1) (Version: 2.0.2.5 - PLANstudio s.r.o.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
SpellForce (HKLM-x32\...\SpellForce) (Version: SpellForce v1.52 - JoWooD Productions Software AG)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Total Uninstall 6.14.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.14.0 - Gavrila Martau)
TP-LINK Wireless Client Utility (HKLM-x32\...\{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}) (Version: 7.0 - TP-LINK)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TurboFloorPlan 3D Home and Landscape Pro 2015 (HKLM-x32\...\{0BD6EB74-8B4F-4D3A-89B6-3F6CDEB024E0}) (Version: 17.5.5 - IMSI Design, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{61D3AB5C-02B5-47FC-906A-C49A0954C7C6}) (Version: 4.3.126.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{c77bad57-f913-4ac3-9061-6dfd6c0aa40a}) (Version: 1.3.0.16 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.0.16 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{D5DEF2D5-FE04-484D-A6C9-2A105443F56A}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{72fda14f-5a07-49d5-b7f7-202377e9b522}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\WhatsApp) (Version: 0.2.936 - WhatsApp)
WildTangent Games App for HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
World Cup Cricket 20-20 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{6614FE97-812C-4B8B-AD6F-83D07279BF02}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D14F5E4-34D1-4B83-9EBA-076F63DA92EC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {106E7DD4-E989-4692-8C55-5BBD2F763B40} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {11CD153F-E397-42E8-A7B0-10FAE7C11B2C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {13AC7145-1FBA-46A7-A3A9-C97140E8677A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {19DBF2CF-532C-4BDE-B83D-96A86004AEC5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1CF937A7-D431-4525-A15C-B73D4FDEF5D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {1FDB43C4-6513-4AFC-AD54-9DDD0CFCA801} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
Task: {21648002-EF6B-4979-AFB9-4E42A76800E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {2397CEB9-5D33-42A2-9054-38AB725F53C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {28C80EA7-8FB6-47D6-9357-2F0951D02257} - System32\Tasks\{EF787000-3D6D-4AE4-BEE9-9052554AC2C3} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {28FDF4E0-7377-419E-BB38-80438399D8B9} - System32\Tasks\{EE6F22C5-F4D1-4C67-9E35-791420DD6AA0} => pcalua.exe -a C:\Users\Dios\Downloads\money-s3-15001-cz.exe
Task: {2A14E61F-A20C-454D-8EAB-31EBAC488FE3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {2BC2DF81-B4CB-4D10-A2EB-D15B5C47C91F} - System32\Tasks\{FE3F8665-DAE0-4E76-B886-ACC0EAAB75FB} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {2CC8864E-8C66-45D9-858F-377810887C2A} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {2D9BAFA4-EFE4-44AA-A2B8-DDF5C072EDAA} - System32\Tasks\{58F91570-BD51-4FA2-8CE0-39BAFF42BD10} => pcalua.exe -a C:\Users\Dios\Downloads\KROS\setup.exe -d C:\Users\Dios\Downloads\KROS
Task: {2DCD9098-44E9-4E30-B5C4-ACF669EE1AD1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {2E46169E-0629-4BA9-BC81-5E8195E25116} - System32\Tasks\{C2E35031-C64B-4A5E-8CC9-BEF6E2FAD49B} => pcalua.exe -a C:\Users\Dios\Downloads\lhm.exe -d C:\Users\Dios\Downloads
Task: {2EB7BB99-4969-4C42-9D95-F35ACA0AB939} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3FEBE1CC-4573-4376-AE0E-B5E1C6545F44} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-wintip77@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {44301198-A6A4-40F8-AA1C-1CA5DB4FE74E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {453A5020-823E-4BDC-AF4E-5F06EB0AA7F6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {48CEFDD3-610C-4EC9-ADA5-7B4FDDA0F57F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {4926A6CF-84ED-42B1-B37B-4C9D50F95633} - System32\Tasks\{11E919B2-5102-4BBB-8FE1-18624ACE226F} => pcalua.exe -a "C:\Program Files\Kooperativa\Isos\Isos.exe" -d "C:\Program Files\Kooperativa\Isos"
Task: {4CA41BB2-25BD-4C62-8CF7-D4A37FC2CD55} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-01] (Adobe Systems Incorporated)
Task: {53C6A5A5-C9F0-4450-A84C-B8A379CF9F83} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {543BF91C-250C-4DA8-9180-692E914C7A95} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5B3C61DB-82EF-4C41-B146-F70F7614C9FF} - System32\Tasks\{937AA0AD-51E2-42F1-AE16-88C6D955819C} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {5C501CBF-C134-4AB3-9C12-EF945C9DD8CB} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {617236B5-E2D1-4937-8F2C-561FC673DC46} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {68E0BF27-F7C4-43F4-94C3-2AEAFAD659A3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {73A0A03A-E7C8-4260-8714-7CCE42763C8F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {759DC2FE-59D0-449E-9D0D-1197160407BE} - System32\Tasks\{697CE3AF-4540-465F-B96D-5A33DEFA1F4E} => pcalua.exe -a C:\Users\Dios\Downloads\KoopP7BNExtern(1).exe -d C:\Users\Dios\Downloads
Task: {77539CF2-CB8F-401F-B9FA-D1BD30F8ED4E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {81A6567A-DDCA-4B5A-A18C-3E9AAC439B9A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-02-10] (HP Inc.)
Task: {8448FD24-8653-446F-8CCC-1793C2FF091D} - System32\Tasks\{B3B1FFFB-DC50-44A3-9C1E-827F3A87E88E} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {8C00EF0D-FA6C-4CE0-AC32-84BF692B83F9} - System32\Tasks\{B0ED6832-3EA1-43CA-894A-3F21177A2A2B} => pcalua.exe -a "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\WebSetup.exe" -d "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\"
Task: {92DCA977-47C4-4B0A-9528-588FB1BEBB9A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {948DCE32-8B90-46CC-99B6-CA99C995E405} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {94D846E5-1A3A-49CD-A43D-A8BBDEF241D0} - System32\Tasks\{189E6F36-CE0A-4B3C-86BD-0E4A5A2CF7A0} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {9AD13E91-0E20-4A99-9FDF-230FFC79ECD8} - System32\Tasks\{5D495734-0F2B-4248-B3E0-D9B7FF99922A} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDFThumbnailHelper.exe [2012-12-13] (Nitro PDF)
Task: {9FFC5797-49EF-4C66-B38B-69C317D136B5} - System32\Tasks\{F48DC0B4-6AB4-47A0-8771-94549BFDD3F5} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {A07A9045-DDA5-4532-ADA1-BC67BC10D910} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A87A1EE4-83C5-4971-910B-3722E134C230} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {A9E776EA-59B6-42BF-9383-2F7A0AB7BA04} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe [2017-02-20] (Symantec Corporation)
Task: {ACF8DCC0-3C7F-4E63-B707-A899AC15629F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-01-18] (Tracker Software Products (Canada) Ltd.)
Task: {AF250386-88B7-4599-883D-F226BEEBE6E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {B08AEDE6-9E56-482C-B72E-E9308E29C1D3} - System32\Tasks\{1BFED272-CEE7-4749-97E7-F084335F0742} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {B220650D-6D58-4A0D-B5AA-CA7E8C3B2A0E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-01-17] (Apple Inc.)
Task: {B4485AC6-7356-446F-9E04-7C080A4AD350} - System32\Tasks\{C3CEA077-CE2A-4AD7-8BA1-456456B2A88E} => pcalua.exe -a "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\uninst.exe" -d "C:\Program Files (x86)\Alcohol Soft\Alcohol 52"
Task: {B474D138-49BD-4920-B44F-19A5974E7197} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B8F13DFF-7CDD-4E7D-BE1A-80EA1BE1A15B} - System32\Tasks\HPCeeScheduleForDios => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {B953CB77-4E6B-477B-8D63-6B0DCE9123C0} - System32\Tasks\{9BBE0796-780A-4AAE-B2BE-1C98851546B0} => pcalua.exe -a C:\Users\Dios\Downloads\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {BF01B1F0-5900-42E6-AF12-D4D18461CB6F} - System32\Tasks\{A3948E18-38A2-4928-9087-46697B834183} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {BFBD1FB1-9F3C-4DA7-BFBA-ABF11B1B09C6} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {C028799B-C998-4A85-8F4E-D6CE375967FE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {C1AFC45C-7C97-45D5-939F-E43B04C598AF} - System32\Tasks\{BB051987-A088-4E1F-842C-5A0DC6BEF7A0} => C:\Program Files (x86)\CgmBetSystems\CgmBets.exe
Task: {CAC31A8E-DF7D-46F1-896D-A2DF6CB6F688} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {D0E6AE5E-3816-4E21-ABC9-6FBB167A77AD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D43C9CCB-0FD8-4FCB-A60B-E1BF2CAB3C7B} - System32\Tasks\{1E699CF4-E78B-4C3D-BFDC-A8DBEA7BB5C9} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {D449143A-6252-42C8-98FF-3D4E9513DC03} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-02-20] (Symantec Corporation)
Task: {D515AFB1-1FE7-4F28-B472-58C498C9BF7D} - System32\Tasks\{1DC39F61-91E6-4776-B509-ED13DD51BBAD} => pcalua.exe -a C:\Users\Dios\Downloads\Hamachi-1.0.1.5.exe -d C:\Users\Dios\Downloads
Task: {DB3803A4-CC04-4FEB-980F-1B2AF403C1D3} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {DBCA48B7-C3C3-42EE-997A-6D1B6BDB3096} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E07D6744-D2D2-4698-BB63-4B33446981A2} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-25] ()
Task: {E096A7F9-FD4E-4A4C-9D88-76632BA6DE08} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {E3B7BFE2-5312-4561-B5BB-72046D814703} - System32\Tasks\{6030F4DE-A10B-409D-9B44-05E0D1AE28E4} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {ED832A5F-631C-484C-BD26-FA1D8318DFA2} - System32\Tasks\{2E49A9EB-3280-4B40-A217-E2C09E93F899} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {F08D3DE8-1186-419E-A12F-D8B945111A52} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-01-16] ()
Task: {F1D62EFA-C438-4A47-89DE-FAD6AEB2784E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {F794CEE7-3B12-43FB-B0E4-C438A8C9E799} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {FC6FA7D2-B87F-461D-A0DD-FA86C0AD12CA} - System32\Tasks\{059E4574-2046-4A5F-B5AE-4BE5372B4716} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {FD2F0EAA-DEC4-4B2D-B250-91A6FB0BAE7E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDios.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\JoWooD Homepage.lnk -> hxxp://www.jowood.co
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce - Platinum Edition Homepage.lnk -> hxxp://spellforce.jowood.com/?rid=1221&lang=e
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce Forum.lnk -> hxxp://spellforce.jowood.com/forum

==================== Loaded Modules (Whitelisted) ==============

2015-10-12 12:59 - 2012-09-29 12:25 - 00409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2013-10-02 11:36 - 2012-12-07 10:42 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1120PP.DLL
2012-05-03 09:40 - 2012-09-29 12:25 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 01469856 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
2016-09-02 06:37 - 2014-12-11 10:24 - 00076584 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
2017-03-03 08:56 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-03 08:56 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-15 09:11 - 2016-09-15 09:11 - 00959168 _____ () C:\Users\Dios\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-15 07:52 - 2016-09-15 07:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 11:59 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 11:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 11:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 03076512 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
2017-03-02 07:04 - 2017-03-02 07:06 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 07:04 - 2017-03-02 07:06 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-07 13:39 - 2016-06-07 13:41 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-04 07:40 - 2016-03-04 07:42 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-09-16 19:27 - 2011-10-11 12:00 - 00045056 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\Mtp32.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-02-07 12:21 - 2014-10-31 16:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2017-02-07 12:21 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-06-01 15:17 - 2016-06-01 15:17 - 00144832 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 02632640 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00554944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00041920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00039872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00086464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00078272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 02231744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00114112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00245184 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00089536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00055744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00072128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00598976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00771520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00131520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00052672 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\librar_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00145856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 01566656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00334784 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 01265600 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00069568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00242624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00048576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00108992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 12001728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00046528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00681408 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00137152 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00026560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00261056 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00298944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 01291200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00754624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00344512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00052160 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00456128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00035776 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00157632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 02680768 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00356288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00370112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00121792 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 14929344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00789952 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00038848 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00140224 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00746432 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00176576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00067520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00125888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 01504704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00065472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00029632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00031168 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00029120 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00037824 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00034240 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2016-06-01 15:18 - 2016-06-01 15:18 - 00024000 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2016-06-01 15:19 - 2016-06-01 15:19 - 00022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ppe.cz -> hxxps://www.ppe.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\servis24.cz -> hxxps://www.servis24.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-03-03 06:49 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dios\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: 602XML Updater => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dios^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk => C:\windows\pss\Kooperativa - PDF Server.lnk.Startup
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "AthBtTray"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SFAUpdater"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "NUSB3MON"
HKLM\...\StartupApproved\Run32: => "Tmobile_Czech Estoril ModemListener"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{0BC50696-A532-4D6E-927C-6AF387D98BB5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5E1B9ABA-C53E-4023-A5C6-41E4E82E5DA2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BE61E9F3-D8B9-4595-9B25-A28F831BF78D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0DB3444C-177A-4A09-A5B6-03E96F9CF71F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9A8536AC-8E2A-4703-A928-96A7EE35A2A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{615CDE9A-4762-467C-A13B-F9D4042F1CF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{540AFD97-B033-47BE-B751-5950FC568776}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2DB7AF22-2457-4032-ACFC-D93728FEEA0B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{B6AF7F7D-C636-4AB2-A251-04ADFD3B7A60}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{4A1A6B8A-F5B4-4928-8851-F7F28DF643E8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3D63E791-3AA1-4099-B434-CBBEE191D316}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{81CAFB65-7BA1-4297-99B1-107F3AE42E8D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{096858B8-6DC5-46F1-840F-BEB3E40E59C3}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{DE23D481-FE65-4B52-BCA7-EEB6B0C3728C}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{D598719A-B177-4E28-892C-878CBBAE11E9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{ACCFD7FB-1587-479D-AB4F-5EDF0153501A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{EB59E3EC-49F9-4D68-AB8A-EAD9708DF1BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{8058241D-9DBD-4A4B-9614-4472DB73EE45}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{D615243A-5072-4E99-A51C-1FF41EA3A7EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{45390CF1-7620-438D-95C8-5F1A123795A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{55FEE721-9CAF-4CA0-8992-B7111C8140A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{12420971-C9FB-489B-9839-6DC57444C75C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{24F71D6E-8E23-4582-8440-DD7DB596CD6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1F4C35B0-7A96-45C9-BBCF-0549AA0514BF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{916A2433-703D-4CF9-B412-4D3ADA0619E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8F626E39-DFAD-4EBC-94AC-7D47A6AA65FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{A390EEFF-C960-4853-9F79-EC6D2C5AB6D1}] => (Allow) G:\setup\hpznui40.exe
FirewallRules: [{384A3614-750B-4805-83CC-B6569C7F7B53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C3324F8-73A8-4125-BDAF-6AD490A4BDF4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E4C564C-2A35-44E5-9422-DF9411373FC8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{035113F2-39A1-49A0-AF50-0097DFFD49B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B74A65B5-E411-4E48-83C1-C2ABCDDBCAC3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{915EDE72-61AA-4668-B29E-D43DBEEF312E}] => (Allow) LPort=1900
FirewallRules: [{E8D16D2C-1296-483B-AAFD-4CD58A6DCB27}] => (Allow) LPort=2869
FirewallRules: [{26BF4BD7-019E-4B1F-8E41-CAB70586A44A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B537BC04-32E5-4EC1-8C25-F988A09ED77E}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{6201D615-F4BE-403C-A61D-49B069FE9C96}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{7EFD56E7-D8E0-48E8-AF32-14290E96D86F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{B14C08F5-9E4D-473D-B914-36518E83CF6F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{80606333-A321-4B7A-B7B1-16FF85C8D084}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D8527A8-3BE0-49E4-826F-57893F9D556A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E9445BE-F188-4065-A150-4C02E8CB1C1F}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{BDE595B0-9B7F-4A90-9239-F368946CD6D6}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{84F0E771-AD35-420B-B56D-A115A642BE1C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5C4C34A9-7F88-4782-BCE6-243AAF7382AD}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Restore Points =========================

11-02-2017 09:48:31 Naplánovaný kontrolní bod
18-02-2017 12:56:35 Naplánovaný kontrolní bod
23-02-2017 10:51:58 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/04/2017 08:30:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16109

Error: (03/04/2017 08:30:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16109

Error: (03/04/2017 08:30:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/04/2017 01:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3953

Error: (03/04/2017 01:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3953

Error: (03/04/2017 01:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/04/2017 10:46:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/04/2017 08:55:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudPhotos.exe, verze: 105.0.0.178, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudPhotos_main.dll, verze: 105.0.0.178, časové razítko: 0x587e691b
Kód výjimky: 0xc0000005
Posun chyby: 0x000f48bc
ID chybujícího procesu: 0x1e18
Čas spuštění chybující aplikace: 0x01d294bca104e2bd
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos_main.dll
ID zprávy: 6e611bb2-8959-47c3-91a2-58e6ed6413cd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2017 11:06:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SPIKL)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/03/2017 10:58:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudDrive.exe, verze: 1.6.10.167, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudDrive_main.dll, verze: 1.6.10.167, časové razítko: 0x587e6920
Kód výjimky: 0xc0000005
Posun chyby: 0x0010025c
ID chybujícího procesu: 0x1148
Čas spuštění chybující aplikace: 0x01d29469098f2185
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive_main.dll
ID zprávy: a45a2865-0489-499d-a4d4-2df0a6a2e1ec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/05/2017 12:54:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.

Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.

Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.

Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.

Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.

Error: (03/04/2017 08:54:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2017 11:06:41 PM) (Source: DCOM) (EventID: 10010) (User: SPIKL)
Description: Server App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/03/2017 11:00:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (03/03/2017 11:00:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
Date: 2017-01-20 10:00:17.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 10:00:15.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 10:00:11.629
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 10:00:07.323
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:21.812
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:14.880
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:14.010
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:13.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:13.126
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:13.007
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 55%
Total physical RAM: 4030.36 MB
Available physical RAM: 1797.96 MB
Total Virtual: 8126.36 MB
Available Virtual: 4057.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:573.86 GB) (Free:20.35 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.12 GB) FAT32
Drive g: (WD Unlocker) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF
Drive i: (My Passport) (Fixed) (Total:465.73 GB) (Free:32.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 0004A183)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Kodlz]

promin sem prehledl, ze si mi to dal v opacnem poradi


no ja tam nic nevidim.

zkus jeste z tohoto odkazu si stahni antirootkit GMER
http://www.gmer.net/gmer.zip

Po stazeni aplikaci rozbal a spust, probehne rychly sken a otevre se hlavni okno programu:
pokud kliknes tlacitko Save vpravo dole, muzes vyexportovat prvni log, ktery mi vloz zde.

aby si se dostal k "hlavnimu" skenu a ziskani logu z nej, ponech v pravem sloupci zafajfkovane vsechny polozky a klikni na tlacitko Scan.
Vyckej konce skenu (coz trva tak kolem peti, deseti minut; v nekterych pripadech ovsem muze delka skenu presahnout i dve hodiny!!!), pote opet klikni na tlacitko Save a vyexportuj log cislo 2, ktery sem take vloz.

[Spikl]

Ahoj, posílám logy.
Log 1:

GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-03-07 06:45:08
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000035 WDC_WD6400BPVT-60HXZT1 rev.01.01A01 596,17GB
Running: gmer.exe; Driver: C:\Users\Dios\AppData\Local\Temp\pxldypow.sys


---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\svchost.exe [1072:9272] 00007ff83f4fac90
Thread C:\WINDOWS\system32\svchost.exe [1072:9284] 00007ff83f4f3590
Thread C:\WINDOWS\system32\svchost.exe [1072:13896] 00007ff8269f9040
Thread C:\WINDOWS\system32\svchost.exe [1072:5052] 00007ff83e2099e0
Thread C:\WINDOWS\system32\svchost.exe [1072:6992] 00007ff83e822cf0
Thread C:\WINDOWS\system32\svchost.exe [1072:4304] 00007ff834b81670
Thread C:\WINDOWS\system32\svchost.exe [1072:12324] 00007ff83ad85bc0
Thread C:\WINDOWS\system32\svchost.exe [1128:1904] 00007ff84002e830
Thread C:\WINDOWS\system32\svchost.exe [1128:392] 00007ff83ff210a0
Thread C:\WINDOWS\system32\svchost.exe [1128:2264] 00007ff83e822cf0
Thread C:\WINDOWS\system32\svchost.exe [1128:2544] 00007ff83e6d5bd0
Thread C:\WINDOWS\system32\svchost.exe [1128:2552] 00007ff83e6d9b20
Thread C:\WINDOWS\system32\svchost.exe [1128:2556] 00007ff83e822cf0
Thread C:\WINDOWS\system32\svchost.exe [2348:3108] 00007ff8388fb180
Thread C:\WINDOWS\system32\svchost.exe [2348:1720] 00007ff8388ff5f0
Thread C:\WINDOWS\system32\svchost.exe [2348:1708] 00007ff83ad85bc0
Thread C:\WINDOWS\system32\svchost.exe [2348:1740] 00007ff83ad97d70
Thread C:\WINDOWS\system32\svchost.exe [2348:5716] 00007ff838916130
Thread C:\WINDOWS\system32\svchost.exe [3020:3092] 00007ff84cd53db0
Thread C:\WINDOWS\system32\svchost.exe [3020:3588] 00007ff839a21e20
Thread C:\WINDOWS\system32\svchost.exe [3020:3604] 00007ff8432d16b0
Thread C:\WINDOWS\system32\svchost.exe [3020:3608] 00007ff8432d16b0
Thread C:\WINDOWS\system32\svchost.exe [3020:3612] 00007ff8432d16b0
Thread C:\WINDOWS\system32\svchost.exe [3020:3616] 00007ff8432d16b0
Thread C:\WINDOWS\system32\svchost.exe [3020:3856] 00007ff8433058c0
Thread C:\WINDOWS\system32\svchost.exe [3020:3860] 00007ff839a4e870
Thread C:\WINDOWS\system32\svchost.exe [3020:3880] 00007ff84cd53db0
Thread C:\WINDOWS\system32\svchost.exe [3020:3892] 00007ff839a53c60
Thread C:\WINDOWS\system32\svchost.exe [2292:7056] 00007ff83ad85bc0
Thread C:\WINDOWS\system32\svchost.exe [2292:4408] 00007ff839782740
Thread C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [3884:4100] 00007ff83778d840
Thread C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [3884:4116] 00007ff8376a0250
Thread C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [3884:5396] 00007ff841fd1b50
Thread C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [3884:6028] 00007ff8376a0250
Thread C:\WINDOWS\system32\csrss.exe [4032:8412] ffff9763cff36c20
Thread C:\WINDOWS\system32\svchost.exe [9120:9156] 00007ff8381bdbe0
Thread C:\WINDOWS\system32\svchost.exe [9120:9904] 00007ff8381bdbe0

---- EOF - GMER 2.2 ----

[Spikl]

Tak posílám i ten druhý log. Při prvním scanu mi to shodilo NTB do restaru, při druhém scanu už OK.

GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-03-07 09:05:44
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000035 WDC_WD6400BPVT-60HXZT1 rev.01.01A01 596,17GB
Running: gmer.exe; Driver: C:\Users\Dios\AppData\Local\Temp\pxldypow.sys


---- User code sections - GMER 2.2 ----

? C:\WINDOWS\SYSTEM32\NTASN1.dll [2916] entry point in ".rdata" section 0000000070dda020
? C:\WINDOWS\system32\ncryptsslp.dll [2916] entry point in ".rdata" section 0000000070db04f0
? C:\WINDOWS\SYSTEM32\wship6.dll [3144] entry point in ".rdata" section 00000000727e2470
? C:\WINDOWS\SYSTEM32\iertutil.dll [3144] entry point in ".rdata" section 00000000711d1590
? C:\WINDOWS\SYSTEM32\atlthunk.dll [7016] entry point in ".data" section 000000006c5c4290
? C:\WINDOWS\SYSTEM32\iertutil.dll [7016] entry point in ".rdata" section 00000000711d1590
? C:\WINDOWS\SYSTEM32\NTASN1.dll [7016] entry point in ".rdata" section 0000000070dda020
? C:\WINDOWS\system32\ncryptsslp.dll [7016] entry point in ".rdata" section 0000000070db04f0
? C:\WINDOWS\SYSTEM32\dbgcore.DLL [1964] entry point in ".rdata" section 000000006a90c940
? C:\WINDOWS\SYSTEM32\iertutil.dll [1964] entry point in ".rdata" section 00000000711d1590
? C:\WINDOWS\SYSTEM32\NTASN1.dll [1964] entry point in ".rdata" section 0000000070dda020
? C:\WINDOWS\system32\ncryptsslp.dll [1964] entry point in ".rdata" section 0000000070db04f0
? C:\WINDOWS\SYSTEM32\dbgcore.DLL [6180] entry point in ".rdata" section 000000006a90c940
? C:\WINDOWS\SYSTEM32\iertutil.dll [6180] entry point in ".rdata" section 00000000711d1590
? C:\WINDOWS\SYSTEM32\NTASN1.dll [6180] entry point in ".rdata" section 0000000070dda020
? C:\WINDOWS\system32\ncryptsslp.dll [6180] entry point in ".rdata" section 0000000070db04f0
? C:\Windows\System32\ActXPrxy.dll [7144] entry point in ".rdata" section 0000000066419c50
? C:\WINDOWS\SYSTEM32\apphelp.dll [7144] entry point in ".rdata" section 000000006627f7c0
? C:\WINDOWS\SYSTEM32\iertutil.dll [7144] entry point in ".rdata" section 00000000711d1590
? C:\WINDOWS\SYSTEM32\NTASN1.dll [7144] entry point in ".rdata" section 0000000070dda020
? C:\WINDOWS\system32\ncryptsslp.dll [7144] entry point in ".rdata" section 0000000070db04f0
? C:\WINDOWS\SYSTEM32\iertutil.dll [520] entry point in ".rdata" section 00000000711d1590
? C:\WINDOWS\SYSTEM32\NTASN1.dll [520] entry point in ".rdata" section 0000000070dda020
? C:\WINDOWS\system32\ncryptsslp.dll [520] entry point in ".rdata" section 0000000070db04f0
? C:\WINDOWS\SYSTEM32\wship6.dll [6292] entry point in ".rdata" section 00000000727e2470
? C:\WINDOWS\SYSTEM32\NTASN1.dll [6292] entry point in ".rdata" section 0000000070dda020
? C:\WINDOWS\system32\ncryptsslp.dll [6292] entry point in ".rdata" section 0000000070db04f0
? C:\WINDOWS\SYSTEM32\iertutil.dll [7552] entry point in ".rdata" section 00000000711d1590
? C:\WINDOWS\system32\apphelp.dll [9124] entry point in ".rdata" section 000000006627f7c0

---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\csrss.exe [632:692] ffff96a6f5a16c20

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -657526914
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\68a3c4ec87b9
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 33862
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{20adc871-8488-4412-9121-2b7c6725d838}@LeaseObtainedTime 1488867874
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{20adc871-8488-4412-9121-2b7c6725d838}@T1 1488871474
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{20adc871-8488-4412-9121-2b7c6725d838}@T2 1488874174
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{20adc871-8488-4412-9121-2b7c6725d838}@LeaseTerminatesTime 1488875074
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xC3 0x49 0xD6 0x06 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xC3 0xB1 0x9A 0x68 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xC3 0xE1 0x11 0xA5 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\2@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\2@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\3@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\3@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\4@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\4@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\5@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\5@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\6@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\6@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastRenewCollectionsInterest 0x52 0x76 0xDD 0x34 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@E7CF176E110C211B 0xED 0x45 0xEE 0x3D ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Microsoft Office\Office12\EXCEL.EXE 0x0F 0x4D 0xDF 0xB0 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Nitro\Pro 8\NitroPDF.exe 0xF5 0x7B 0x58 0xC7 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{3910D8AB-B102-4DDF-BF29-F4D357EDE08D}@LastAccessedTime 0xC0 0xFB 0x04 0x3D ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{3910D8AB-B102-4DDF-BF29-F4D357EDE08D}@LaunchCount 28
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{7FDF778E-BFC6-469F-8A46-EA0F892DC290}\RecentItems\{A049E068-2348-4097-A8D6-9ADEDF3EC8ED}
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{7FDF778E-BFC6-469F-8A46-EA0F892DC290}\RecentItems\{A049E068-2348-4097-A8D6-9ADEDF3EC8ED}@Type 0
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{7FDF778E-BFC6-469F-8A46-EA0F892DC290}\RecentItems\{A049E068-2348-4097-A8D6-9ADEDF3EC8ED}@Path C:\Users\Dios\Desktop\Passwords_09032016.xlsx
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{7FDF778E-BFC6-469F-8A46-EA0F892DC290}\RecentItems\{A049E068-2348-4097-A8D6-9ADEDF3EC8ED}@DisplayName Passwords_09032016
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{7FDF778E-BFC6-469F-8A46-EA0F892DC290}\RecentItems\{A049E068-2348-4097-A8D6-9ADEDF3EC8ED}@LastAccessedTime 0x00 0x00 0x00 0x00 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{7FDF778E-BFC6-469F-8A46-EA0F892DC290}\RecentItems\{A049E068-2348-4097-A8D6-9ADEDF3EC8ED}@Points 0x00 0x00 0x00 0x00

---- EOF - GMER 2.2 ----

[Kodlz]

Nic skodlive tam nevidim.

Co by jsem Ti doporucil, tak uvolnit misto na disku, mas jen 3% volne. Popripade udelat defragmentaci disku.

Muzes zkusit jeste stahnout Crystal Disk Info : https://osdn.jp/frs/redir.php?m=cznic&f ... o6_7_5.zip
Rozbal archiv a spust soubor DiskInfo.exe
ve spustenem programu klikni nahore na Upravy -> Kopirovat (log bude zkopirovany ve schrance)
log vloz do dalsi odpovedi (Ctrl + V)

Edit: Taky doporucuji odinstalovat Malwarebytes ...at se ti nehada s Nortonem.

[Spikl]

Ahoj, posílám log.
Máš pravdu, až teď vidím že mám plný disk. Začnu uvolňovat. ZAtím velké díky.


----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 14393] (x64)
Date : 2017/03/07 12:49:02

-- Controller Map ----------------------------------------------------------
+ Standardní řadič SATA AHCI [ATA]
- WDC WD6400BPVT-60HXZT1
- hp DVD A DS8A5LH
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD6400BPVT-60HXZT1 : 640,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD6400BPVT-60HXZT1
----------------------------------------------------------------------------
Model : WDC WD6400BPVT-60HXZT1
Firmware : 01.01A01
Serial Number : WD-WX21A5132170
Disk Size : 640,1 GB (8,4/137,4/640,1/640,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 11205 hod.
Power On Count : 5598 krát
Temperature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 202 181 _21 000000000373 Čas na roztočení ploten
04 _94 _94 __0 000000001A94 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _85 _85 __0 000000002BC5 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _95 _95 __0 0000000015DE Počet cyklů zapnutí zařízení
B7 _98 _98 __0 000000000002 Specifický pro výrobce
B8 100 100 _97 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _73 __0 000000000168 Časový limit příkazu
BE _64 _53 _40 000026140024 Teplota toku vzduchu
BF __1 __1 __0 00000000B1F7 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 00000000008A Počet vypnutí disku
C1 __6 __6 __0 00000008E294 Počet cyklů načítání/vymazání
C2 111 100 __0 000000000024 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 3231 4135 3133 3231 3730
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3634 3030 4250 5654 2D36 3048 585A 5431 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0D06 0000 004C 0048
080: 01FE 0000 706B 7C09 6123 7069 BC09 6123 407F 004E
090: 004E 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 82B0 4A85 0000 0000 0000 0000 6003 0000 5001 4EE6
110: ABEF F77A 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0400
130: 0001 0000 0000 16FE 012D 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 703D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 4FA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 CA B5 73 03 00 00 00 00 00 04 32 00 5E 5E 94
020: 1A 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2F 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 55 55 C5 2B 00 00 00 00 00 0A 33 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 5F 5F DE 15 00 00 00 00 00 B7 32
070: 00 62 62 02 00 00 00 00 00 00 B8 33 00 64 64 00
080: 00 00 00 00 00 00 BB 32 00 64 64 00 00 00 00 00
090: 00 00 BC 32 00 64 49 68 01 00 00 00 00 00 BE 22
0A0: 00 40 35 24 00 14 26 00 00 00 BF 32 00 01 01 F7
0B0: B1 00 00 00 00 00 C0 32 00 C8 C8 8A 00 00 00 00
0C0: 00 00 C1 32 00 06 06 94 E2 08 00 00 00 00 C2 22
0D0: 00 6F 64 24 00 00 00 00 00 00 C4 32 00 C8 C8 00
0E0: 00 00 00 00 00 00 C5 32 00 C8 C8 00 00 00 00 00
0F0: 00 00 C6 30 00 64 FD 00 00 00 00 00 00 00 C7 32
100: 00 C8 C8 00 00 00 00 00 00 00 C8 09 00 64 FD 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 3C 01 51
170: 03 00 01 00 02 98 00 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F8

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 B7 00
070: 00 00 00 00 00 00 00 00 00 00 B8 61 00 00 00 00
080: 00 00 00 00 00 00 BB 00 00 00 00 00 00 00 00 00
090: 00 00 BC 00 00 00 00 00 00 00 00 00 00 00 BE 28
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 C8 33 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F8

[Kodlz]

rekl by jsem, ze hdd je v poradku, podle toho logu.

[Spikl]

Ahoj,

tak jsem HDD trochu vyčistil a vypadá, že to chodí v pohodě.

Děkuji moc za pomoc. Prosím o zavření tématu

[Kodlz]

nemas zac.

[cernohous13]

Good job