Prosím o kontrolu logu

Zpráva

Spikl · #1 Příspěvek od **Spikl** » 02 bře 2017 12:00

Dobrý den,

prosím o kontrolu logu RSIT na NTB. Poslední dobou sleduji, že mám pomalou odezvu na "pravou myš", Mozilla nabíhá hodně pomalu a spouštění některých aplikací také trvá dlouho, nebo práce s nimi (např. Excel) trvá.
Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Dios at 2017-03-02 11:53:55
Microsoft Windows 10 Pro
System drive C: has 19 GB (3%) free of 588 GB
Total RAM: 4030 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:54:21, on 2.3.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\KROSplus\KROSplus.exe
C:\Program Files\trend micro\Dios.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tipmatchbets.com/?cz&page=di ... egory=chat
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: PXCIEaddin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll
O2 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [NetLockMngr] C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Tmobile_Czech Estoril ModemListener] C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dios\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{010225A0-1DFD-CB3D-7CBF-F81DEAD6A5B5}: NameServer = 62.141.0.1 213.162.65.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{010225A2-1DFD-CB3D-7CBF-F81DEAD6A5B5}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{44da3733-12ea-4092-ab15-cb3b918a7993}: NameServer = 192.168.100.1,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{010225A0-1DFD-CB3D-7CBF-F81DEAD6A5B5}: NameServer = 62.141.0.1 213.162.65.1
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: @oem106.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\NLSSRV32.EXE
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SWLock Server (SWLckServer) - Unknown owner - C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Tmobile_Czech Estoril Modem Device Helper - Unknown owner - C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\windows\SysWOW64\xmesrv.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 18987 bytes

======Listing Processes======

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe"
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe" -start
C:\windows\system32\vcsFPService.exe
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
dashost.exe {9d819a4b-b7e6-47f1-b01c68fb8da75e39}
"C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\diMaster.dll" /prefetch:1

C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
"C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe" /c /a /s UserSession2
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe"
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE"
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
C:\WINDOWS\splwow64.exe 8192
"C:\Program Files (x86)\KROSplus\KROSplus.exe" LOG
C:\WINDOWS\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"fontdrvhost.exe"
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe46_ Global\UsGthrCtrlFltPipeMssGthrPipe46 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x478
"C:\Users\Dios\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 640 644 652 8192 648

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
C:\WINDOWS\tasks\HPCeeScheduleForDios.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForDios (null)
C:\WINDOWS\tasks\TrackerAutoUpdate.job - C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate

=========Mozilla firefox=========

ProfilePath - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"{C1A2A613-35F1-4FCF-B27F-2840527B6556}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon\

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]
"Description"=A component of your photo software powered by RocketLife
"Path"=C:\Users\Dios\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.92.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.92.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
npPDFXCviewNPPlugin.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\extensions\
firefoxdav@icloud.com

C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\searchplugins\
firmycz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Safety - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20 1301120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-09 570944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-09 234048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42DFA04F-0F16-418e-B80C-AB97A5AFAD39}]
PDFXChange 4.0 - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27 422496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Safety - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07 946304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-09 461888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-09 173120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20 1301120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - PDFXChange 4.0 - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27 422496]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07 946304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-01-27 835072]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-07 379040]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 3944136]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-01-19 176440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2017-01-17 67384]
"OneDrive"=C:\Users\Dios\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-09-15 554184]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2017-01-17 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2017-01-17 356664]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2017-01-17 67896]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-01-16 1407912]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2014-08-09 322352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-02-08 9363672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2015-10-05 169528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2015-08-06 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-03-31 597016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2011-01-27 835072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Quick View]
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2014-06-02 5563760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dios^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk]
C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2017-01-13 67384]
"DriveUtilitiesHelper"=C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2015-05-20 1890664]
"NetLockMngr"=C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe [2012-09-30 3076512]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"Tmobile_Czech Estoril ModemListener"=C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [2014-12-11 159016]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"StatusAlerts"=C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2014-08-19 330176]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-10-31 2072928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0
"NofolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-03-02 10:22:11 ----AD---- C:\Program Files\CCleaner
2017-02-28 11:09:38 ----D---- C:\Program Files\NortonInstaller
2017-02-07 12:29:29 ----D---- C:\ProgramData\Wondershare
2017-02-07 12:28:59 ----D---- C:\Users\Dios\AppData\Roaming\HMYGSetting

======List of files/folders modified in the last 1 month======

2017-03-02 11:54:17 ----D---- C:\Program Files\trend micro
2017-03-02 11:54:15 ----D---- C:\WINDOWS\Temp
2017-03-02 11:54:10 ----D---- C:\Users\Dios\AppData\Roaming\uTorrent
2017-03-02 11:54:06 ----D---- C:\WINDOWS\Prefetch
2017-03-02 11:39:01 ----D---- C:\WINDOWS\system32\SleepStudy
2017-03-02 11:17:02 ----D---- C:\WINDOWS\system32\sru
2017-03-02 11:10:41 ----D---- C:\WINDOWS\system32\config
2017-03-02 11:07:56 ----D---- C:\WINDOWS\debug
2017-03-02 11:01:43 ----RD---- C:\WINDOWS\Microsoft.NET
2017-03-02 11:00:14 ----D---- C:\WINDOWS\SoftwareDistribution
2017-03-02 11:00:10 ----D---- C:\Windows
2017-03-02 10:46:16 ----AD---- C:\KROSplusData
2017-03-02 10:29:57 ----D---- C:\WINDOWS\INF
2017-03-02 10:29:55 ----D---- C:\WINDOWS\LiveKernelReports
2017-03-02 10:29:54 ----D---- C:\WINDOWS\Minidump
2017-03-02 10:22:21 ----D---- C:\WINDOWS\system32\Tasks
2017-03-02 10:22:11 ----RD---- C:\Program Files
2017-03-02 07:24:39 ----RD---- C:\Program Files (x86)
2017-03-02 07:19:02 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2017-03-02 07:18:30 ----SHD---- C:\System Volume Information
2017-03-02 07:08:33 ----D---- C:\WINDOWS\AppReadiness
2017-03-02 07:08:27 ----HD---- C:\Program Files\WindowsApps
2017-03-01 22:41:06 ----D---- C:\Users\Dios\AppData\Roaming\vlc
2017-03-01 14:46:59 ----D---- C:\WINDOWS\system32\Macromed
2017-03-01 14:46:44 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-03-01 08:11:50 ----AD---- C:\Program Files (x86)\uTorrent
2017-02-28 13:11:33 ----D---- C:\WINDOWS\Tasks
2017-02-28 08:52:04 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-02-28 07:57:07 ----D---- C:\WINDOWS\System32
2017-02-27 18:26:18 ----D---- C:\WINDOWS\system32\catroot2
2017-02-27 10:12:40 ----D---- C:\WINDOWS\WinSxS
2017-02-26 18:03:42 ----D---- C:\Program Files\Common Files\AV
2017-02-26 17:01:35 ----D---- C:\WINDOWS\system32\CatRoot
2017-02-26 17:01:34 ----D---- C:\WINDOWS\system32\DriverStore
2017-02-26 16:55:21 ----D---- C:\WINDOWS\system32\drivers
2017-02-26 13:07:50 ----D---- C:\WINDOWS\system32\drivers\NISx64
2017-02-24 09:25:03 ----D---- C:\Stavitel
2017-02-24 09:04:31 ----D---- C:\WINDOWS\system32\NDF
2017-02-23 11:10:14 ----D---- C:\WINDOWS\CbsTemp
2017-02-23 11:10:13 ----D---- C:\WINDOWS\SysWOW64
2017-02-23 11:09:51 ----D---- C:\WINDOWS\system32\MRT
2017-02-23 10:56:46 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-02-22 07:54:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-17 09:39:08 ----D---- C:\Users\Dios\AppData\Roaming\Nitro
2017-02-13 06:23:16 ----HD---- C:\WINDOWS\ELAMBKUP
2017-02-09 09:28:38 ----AD---- C:\Program Files (x86)\Norton Internet Security
2017-02-07 12:29:29 ----HD---- C:\ProgramData
2017-02-07 12:21:35 ----D---- C:\Program Files (x86)\Common Files
2017-02-06 20:48:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTATH_BUS;@oem124.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2015-08-27 36496]
R0 hpdskflt;@oem106.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\BASHDefs\20170228.008\BHDrvx64.sys [2016-11-07 1874136]
R1 ccSet_NIS;NIS Settings Manager; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [2017-02-07 174240]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2017-01-26 497312]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\IPSDefs\20170301.001\IDSvia64.sys [2017-02-08 1038024]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\windows\system32\drivers\LMIRfsDriver.sys [2012-11-29 72216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R3 Accelerometer;@oem106.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 ARCVCAM;@oem48.inf,%avshws.DeviceDesc%;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\WINDOWS\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2016-07-16 4233728]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-15 84992]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2017-01-26 156824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HpqKbFiltr;@oem107.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2010-12-03 25912]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcDAud;@oem114.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 JMCR;JMCR; C:\WINDOWS\System32\drivers\jmcr.sys [2012-07-31 175928]
R3 MEIx64;@oem93.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-01-19 202032]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-09-15 175616]
R3 ROCKEYNT;@oem120.inf,%Rockey.SVCDESC%;Feitian ROCKEY4 Device Service; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [2013-12-04 36904]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-07-16 589824]
R3 SNP2UVCW10;@oem75.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2015-12-21 2530920]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 Afc;PPdus ASPI Shell; C:\WINDOWS\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2016-09-15 127328]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2016-07-16 157024]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2016-07-16 141152]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem40.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\windows\SysWOW64\FsUsbExDisk.SYS [2013-12-30 37344]
S3 GemCCID;GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [2015-11-04 139632]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-15 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2012-11-29 11552]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2016-07-16 179040]
S3 mvusbews;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-11-08 19968]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS []
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-07-03 42696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-01-19 2227312]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-09-22 83768]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-07 138400]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_5a1eb;CDPUserSvc_5a1eb; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2014-06-24 176128]
R2 hpsrv;@oem106.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-08-08 325912]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-09-15 26112]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe [2017-02-21 326160]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-12-13 230408]
R2 OneSyncSvc_5a1eb;Hostitel synchronizace_5a1eb; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-01-19 651576]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_5a1eb;Data kontaktů_5a1eb; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-01-16 1039376]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-01 270936]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2014-03-14 123392]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\bin\fbguard.exe [2007-12-12 65536]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\bin\fbserver.exe [2007-12-12 1531989]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-06-05 1432400]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-08-06 203344]
S3 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
S3 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
S3 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
S3 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-28 281656]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\syswow64\svchost.exe [2016-07-16 38792]
S3 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\syswow64\svchost.exe [2016-07-16 38792]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
S3 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2010-04-29 127800]
S3 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_5a1eb;Služba zasílání zpráv_5a1eb; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-29 172488]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 nlsX86cc;Nalpeiron Licensing Service; C:\windows\SysWOW64\NLSSRV32.EXE [2013-03-25 70152]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
S3 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-09-15 2889896]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-15 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S4 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-01-28 693440]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2016-12-14 822624]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]

-----------------EOF-----------------

Kodlz · #2 Příspěvek od **Kodlz** » 02 bře 2017 12:09

Ahoj.
-poprosim te pomoci tohoto navodu sem vlozit log (FRST.txt i Addition.txt) z FRST:
http://forum.viry.cz/viewtopic.php?f=30&t=133101

Spikl · #3 Příspěvek od **Spikl** » 02 bře 2017 12:15

Ahoj,
ten Launcher mi nejde stáhnout. Ihned do odebere NORTON. Bude stačit pouze FRST?

Spikl · #4 Příspěvek od **Spikl** » 02 bře 2017 13:00

Tak NORTON byl vypnut, akorát něco hlásilo, že problém se škodlivým souborem vyřešil Windows.....tak snad jsou logy jak mají být....

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Ran by Dios (administrator) on SPIKL (02-03-2017 12:48:57)
Running from C:\Users\Dios\Desktop
Loaded Profiles: Dios (Available Profiles: Dios & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
() C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(KROS a.s.) C:\Program Files (x86)\KROSplus\KROSplus.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\conathst.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-07] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-05-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [NetLockMngr] => C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe [3076512 2012-09-30] ()
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Tmobile_Czech Estoril ModemListener] => C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [159016 2014-12-11] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [322352 2014-08-09] (BitTorrent, Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{010225A0-1DFD-CB3D-7CBF-F81DEAD6A5B5}: [NameServer] 62.141.0.1 213.162.65.1
Tcpip\..\Interfaces\{010225A2-1DFD-CB3D-7CBF-F81DEAD6A5B5}: [NameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{20adc871-8488-4412-9121-2b7c6725d838}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{278401da-e960-4b4c-bcbc-f939ebbd7fd9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3b5a714d-352b-4aad-8581-cff6782c3e01}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{44da3733-12ea-4092-ab15-cb3b918a7993}: [NameServer] 192.168.100.1,8.8.8.8
Tcpip\..\Interfaces\{c202a2a1-8152-4b98-9159-127249dde237}: [DhcpNameServer] 10.0.28.1
Tcpip\..\Interfaces\{d4f80e1b-eb6c-4a5f-a082-7407669bd57a}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tipmatchbets.com/?cz&page=discussion&category=chat
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-09] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: PDFXChange 4.0 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} -> C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27] (Tracker Software Products Ltd.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07] (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27] (Tracker Software Products Ltd.)
Toolbar: HKLM-x32 - No Name - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07] (Symantec Corporation)

FireFox:
========
FF DefaultProfile: h0iijypa.default-1414995702743
FF ProfilePath: C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743 [2017-03-02]
FF Homepage: Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743 -> hxxps://www.seznam.cz/
FF Extension: (iCloud Bookmarks) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\Extensions\firefoxdav@icloud.com [2016-10-20]
FF Extension: (QuickJava) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-10-10]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\features\{cd0caea9-2276-44ea-898c-309436cd274a}\disableSHA1rollout@mozilla.org.xpi [2017-02-25]
FF SearchPlugin: C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\searchplugins\firmycz.xml [2015-06-16]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon [2017-02-09]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon
FF HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-03-01] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-06-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-06-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-01] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll [2011-11-28] (ParallelGraphics)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Dios\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-04] (RocketLife, LLP)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-08-06] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @servis24.cz/PKIComponent -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2016-12-01] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @servis24.cz/PKIComponent-x64 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2014-10-01] (Česká spořitelna, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-17] (Apple Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default [2017-03-02]
CHR Extension: (Prezentace Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-13]
CHR Extension: (Dokumenty Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Disk Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-13]
CHR Extension: (YouTube) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-05]
CHR Extension: (Tabulky Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-13]
CHR Extension: (Norton Identity Safe) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-05]
CHR Extension: (Norton Security Toolbar) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-04-10]
CHR Extension: (Peněženka Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR Extension: (Gmail) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-25]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-25]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-07] (Atheros) [File not signed]
S3 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2014-03-14] (Dassault Systèmes) [File not signed]
S3 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project) [File not signed]
S3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
S3 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
S3 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe [326160 2017-02-21] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
S3 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 SWLckServer; C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe [1469856 2012-09-30] () [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-03] (Synaptics Incorporated)
R2 Tmobile_Czech Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [76584 2014-12-11] ()
S3 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-05-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 xmengine service; C:\windows\SysWOW64\xmesrv.exe [34696 2009-10-09] (Monet+, a.s.)
S3 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\WINDOWS\system32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\BASHDefs\20170228.008\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [174240 2017-02-07] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-26] (Symantec Corporation)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [139632 2015-11-04] (Gemalto)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\IPSDefs\20170301.001\IDSvia64.sys [1038024 2017-02-08] (Symantec Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2013-12-04] (Feitian Technologies Co., Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-03] (Synaptics Incorporated)
U5 SNP2UVC; C:\Windows\System32\Drivers\SNP2UVC.sys [2668424 2015-12-10] ()
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2530920 2015-12-21] (Sonix Tech. Co., Ltd.)
R3 SRTSP; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SRTSP64.SYS [760992 2017-02-07] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSPX64.SYS [49312 2017-02-07] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SYMEFASI64.SYS [1716896 2017-02-07] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SymELAM.sys [24616 2017-02-07] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-02-09] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NISx64\1609000.047\Ironx64.SYS [291480 2017-02-07] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SYMNETS.SYS [567512 2017-02-07] (Symantec Corporation)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [36736 2013-02-08] (The OpenVPN Project) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-02 12:48 - 2017-03-02 12:53 - 00031725 _____ C:\Users\Dios\Desktop\FRST.txt
2017-03-02 12:45 - 2017-03-02 12:45 - 00029696 _____ C:\Users\Dios\AppData\Local\MSGBOX.EXE
2017-03-02 12:45 - 2017-03-02 12:45 - 00015327 _____ C:\Users\Dios\Desktop\LM.bat
2017-03-02 12:25 - 2017-03-02 12:25 - 00396895 _____ C:\Users\Dios\Downloads\ZD_, KV.pdf
2017-03-02 12:13 - 2017-03-02 12:48 - 02423808 _____ (Farbar) C:\Users\Dios\Desktop\FRST64.exe
2017-03-02 11:44 - 2017-03-02 11:44 - 00004988 _____ C:\Users\Dios\Documents\cc_20170302_114428.reg
2017-03-02 11:40 - 2017-03-02 11:40 - 00007818 _____ C:\Users\Dios\Documents\cc_20170302_114032.reg
2017-03-02 10:55 - 2017-03-02 10:55 - 00050618 _____ C:\Users\Dios\Documents\cc_20170302_105551.reg
2017-03-02 10:22 - 2017-03-02 10:23 - 00000000 ____D C:\Program Files\CCleaner
2017-03-02 10:22 - 2017-03-02 10:22 - 00002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-03-02 10:22 - 2017-03-02 10:22 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-03-02 10:22 - 2017-03-02 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-02 10:17 - 2017-03-02 10:17 - 00000000 ____D C:\Users\Dios\Downloads\CCleaner Professional & Business Edition v5.27.5976 (2017)(CZ,SK)
2017-03-02 07:03 - 2017-03-02 07:03 - 00001607 _____ C:\Users\Dios\Desktop\Platby_MPxVC_2017.lnk
2017-02-28 14:56 - 2017-02-28 14:56 - 00022920 _____ C:\Users\Dios\Downloads\cee-19981008_Novy_Matej.pdf
2017-02-28 14:49 - 2017-02-28 14:49 - 00000244 _____ C:\Users\Dios\Desktop\Práce ve výškách - SingingRock Outlet.URL
2017-02-28 14:17 - 2017-02-28 14:17 - 00114517 _____ C:\Users\Dios\Downloads\5556_1.pdf
2017-02-28 11:09 - 2017-02-28 11:09 - 00000000 ____D C:\Program Files\NortonInstaller
2017-02-28 10:43 - 2017-02-28 10:43 - 00072374 _____ C:\Users\Dios\Downloads\IrwPrintShoppingList.pdf
2017-02-27 12:45 - 2017-02-27 12:45 - 00153229 _____ C:\Users\Dios\Downloads\SC_CC_15x15_FY17_cz.pdf
2017-02-27 07:08 - 2017-02-27 07:20 - 00000000 ____D C:\Users\Dios\Downloads\Nocturnal.Animals.2016.BRRip.XviD.AC3.CZ-PiRaTE
2017-02-26 13:07 - 2017-02-26 13:07 - 00003404 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-02-25 20:39 - 2017-02-27 06:41 - 2971028847 _____ C:\Users\Dios\Downloads\Fantastická zvířata a kde je najít.mkv
2017-02-23 10:54 - 2017-02-23 10:54 - 00201881 _____ C:\Users\Dios\Downloads\98432-1468912.pdf
2017-02-23 10:53 - 2017-02-23 10:53 - 01569675 _____ C:\Users\Dios\Downloads\98431-1529786_zadávací dokumentace.pdf
2017-02-23 10:53 - 2017-02-23 10:53 - 01569575 _____ C:\Users\Dios\Downloads\98431-1529786.pdf
2017-02-23 10:46 - 2017-02-23 10:46 - 02234269 _____ C:\Users\Dios\Downloads\97802-6936461.pdf
2017-02-23 10:43 - 2017-02-23 10:43 - 02197263 _____ C:\Users\Dios\Downloads\97801-5119059.pdf
2017-02-23 10:42 - 2017-02-23 10:42 - 02162545 _____ C:\Users\Dios\Downloads\97799-2870263.pdf
2017-02-23 10:41 - 2017-02-23 10:41 - 00184852 _____ C:\Users\Dios\Downloads\97797-8421441(1).pdf
2017-02-23 10:17 - 2017-02-23 10:17 - 00162192 _____ C:\Users\Dios\Downloads\97798-6613698.pdf
2017-02-23 08:42 - 2017-02-23 08:42 - 00189715 _____ C:\Users\Dios\Downloads\97797-8421441_Zápis o předání a převzetí staveniště.pdf
2017-02-23 08:42 - 2017-02-23 08:42 - 00184852 _____ C:\Users\Dios\Downloads\97797-8421441.pdf
2017-02-23 08:38 - 2017-02-23 08:38 - 06017067 _____ C:\Users\Dios\Downloads\97794-7355759.pdf
2017-02-23 08:37 - 2017-02-23 08:37 - 00018514 _____ C:\Users\Dios\Downloads\98428-2287615.pdf
2017-02-23 08:31 - 2017-02-23 08:34 - 00031232 _____ C:\Users\Dios\Desktop\2. Rozpočet ukazatele.xls
2017-02-21 09:56 - 2017-02-21 09:57 - 00214438 _____ C:\Users\Dios\Downloads\IF_5546_3.pdf
2017-02-21 07:15 - 2017-02-21 07:49 - 1369619519 _____ C:\Users\Dios\Downloads\The.Girl.On.The.Train.2016.WEB-DL.AVC.CZ-AsiToBudePiRaTE.mp4
2017-02-18 12:45 - 2017-02-18 13:11 - 1127147918 _____ C:\Users\Dios\Downloads\Prazdniny v Provence (2016).avi
2017-02-17 13:05 - 2017-02-17 13:05 - 00000303 _____ C:\Users\Dios\Desktop\PTservis.txt
2017-02-17 12:35 - 2017-02-20 10:28 - 00042464 _____ C:\Users\Dios\Desktop\V.O. Opavská_porovnání.xlsx
2017-02-17 12:09 - 2017-02-17 12:09 - 00567465 _____ C:\Users\Dios\Downloads\dodatecna_informace_c2-rybnik_lhota.pdf
2017-02-17 10:12 - 2017-02-17 10:12 - 00099681 _____ C:\Users\Dios\Downloads\dokument(8).pdf
2017-02-17 08:27 - 2017-02-17 08:43 - 1743691776 _____ C:\Users\Dios\Downloads\Bezva ženská na krku (2016) (CZ).avi
2017-02-15 12:52 - 2017-02-15 13:12 - 00026080 _____ C:\Users\Dios\Desktop\Kompostové hospodářství_sledování fakturace.xlsx
2017-02-15 07:47 - 2017-02-15 07:54 - 00000000 ____D C:\Users\Dios\Downloads\Deepwater.Horizon.2016.BRRip.XViD.AC3.CZ-S1LV3R
2017-02-14 11:43 - 2017-02-14 11:43 - 04897565 _____ C:\Users\Dios\Downloads\P r i k a z_s m l o u v a_T D S+a d m_f i n a l_2.pdf
2017-02-14 09:46 - 2017-02-14 09:46 - 00104675 _____ C:\Users\Dios\Downloads\příkazní na výkon TDS-zverej.pdf
2017-02-13 18:18 - 2017-02-13 19:38 - 1549791232 _____ C:\Users\Dios\Downloads\Zúčtování.avi
2017-02-13 14:33 - 2017-02-13 14:33 - 00818926 _____ C:\Users\Dios\Downloads\Ceník_Olomouc_2017.pdf
2017-02-13 14:32 - 2017-02-13 14:32 - 00123708 _____ C:\Users\Dios\Downloads\WWWCENIKSTEPANOV2015.pdf
2017-02-13 14:29 - 2017-02-13 14:29 - 00832521 _____ C:\Users\Dios\Downloads\Cenik_2016.pdf
2017-02-13 13:41 - 2017-02-13 13:41 - 00704994 _____ C:\Users\Dios\Downloads\00_Vyzva_rybnik_Lhota(1).pdf
2017-02-13 13:38 - 2017-02-13 13:38 - 00527670 _____ C:\Users\Dios\Downloads\egadup6mgutm7rctjiq3p5rpp0_1483009720_Oznámení o vyloučení uchazeče z výběrového řízení.pdf
2017-02-13 12:47 - 2017-02-13 12:47 - 00443149 _____ C:\Users\Dios\Downloads\splatky_bez_navyseni_pravidla(1).pdf
2017-02-12 20:26 - 2017-02-12 21:33 - 00000000 ____D C:\Users\Dios\Downloads\Povinnost a čest Act of Valor (2012)
2017-02-12 20:19 - 2017-02-12 21:48 - 766113532 _____ C:\Users\Dios\Downloads\Trollové.avi
2017-02-11 14:36 - 2017-02-11 16:16 - 1278392984 _____ C:\Users\Dios\Downloads\Musim te svest cz xvid-calibrum2.avi
2017-02-11 10:39 - 2017-02-15 13:35 - 00011465 _____ C:\Users\Dios\Desktop\Dovolená.xlsx
2017-02-11 10:27 - 2017-02-11 11:59 - 1932204032 _____ C:\Users\Dios\Downloads\Kobry a užovky.avi
2017-02-09 16:09 - 2017-02-09 17:12 - 1014570955 _____ C:\Users\Dios\Downloads\Avatar.avi
2017-02-09 14:21 - 2017-02-09 14:21 - 06111589 _____ C:\Users\Dios\Downloads\Úprava prostranství před Priorem.pdf
2017-02-09 13:16 - 2017-02-09 13:16 - 00443149 _____ C:\Users\Dios\Downloads\splatky_bez_navyseni_pravidla.pdf
2017-02-09 10:04 - 2017-02-09 10:08 - 00000000 ____D C:\Users\Dios\Downloads\Storks.2016.BRRip.XviD.AC3.CZ.SK-PiRaTE
2017-02-09 09:34 - 2017-03-02 07:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-02-09 09:19 - 2017-02-09 09:19 - 00666620 _____ C:\Users\Dios\Downloads\00_Vyzva_-_demolice_M5-L11-oprava.pdf
2017-02-09 09:04 - 2017-02-09 09:40 - 00000000 ____D C:\Users\Dios\Desktop\Hygienické zařízení-apresski
2017-02-08 14:38 - 2017-02-08 15:21 - 736397312 _____ C:\Users\Dios\Downloads\jpa.avi
2017-02-07 12:53 - 2017-02-07 13:13 - 00327680 _____ C:\Users\Dios\Desktop\UPOL_Výkaz výměr_rev2_2003_poptávka.xls
2017-02-07 12:32 - 2017-02-07 12:32 - 00000000 ____D C:\Users\Dios\Documents\Wondershare
2017-02-07 12:29 - 2017-02-07 12:29 - 00000000 ____D C:\ProgramData\Wondershare
2017-02-07 12:28 - 2017-02-07 12:28 - 00000000 ____D C:\Users\Dios\AppData\Roaming\HMYGSetting
2017-02-07 12:21 - 2017-02-07 12:21 - 00000000 ____D C:\Users\Dios\AppData\Local\Wondershare
2017-02-07 12:20 - 2017-03-02 07:24 - 00000000 ____D C:\Users\Dios\.android
2017-02-07 12:12 - 2017-02-07 12:25 - 00000000 ____D C:\Users\Dios\Downloads\Eye.in.the.Sky.2015.BRRip.XviD.AC3.CZ-Ex
2017-02-07 09:19 - 2017-02-07 09:19 - 00000000 ____D C:\Users\Dios\Downloads\Blood.Father.2016.BDRip.x264.CZ
2017-02-07 09:15 - 2017-02-07 09:15 - 00000000 ____D C:\Users\Dios\Downloads\Wondershare MobileTrans v7.4.6.429 Final + Serials
2017-02-07 08:31 - 2017-02-07 08:41 - 00314498 _____ C:\Users\Dios\Desktop\S.M. Olomouc - 04 Výkaz výměr_rev1 - porovnání.xlsx
2017-02-06 14:49 - 2017-02-06 14:49 - 01812343 _____ C:\Users\Dios\Downloads\3963_3483_239_2016_mikulicova.pdf
2017-02-06 14:47 - 2017-02-06 14:47 - 00213446 _____ C:\Users\Dios\Downloads\3997_oceneni_bytu.pdf
2017-02-06 12:41 - 2017-02-06 12:41 - 00105359 _____ C:\Users\Dios\Downloads\dokument(7).pdf
2017-02-06 09:46 - 2017-02-06 09:46 - 00019524 _____ C:\Users\Dios\Downloads\cee-19891002_Vcelik_Tomas.pdf
2017-02-06 09:13 - 2017-02-06 09:13 - 00496908 _____ C:\Users\Dios\Downloads\PGY-cenik-2016.pdf
2017-02-06 09:04 - 2017-02-06 09:05 - 00176915 _____ C:\Users\Dios\Downloads\Ceník-2016-platnost-od-1.4.2016.pdf
2017-02-06 08:32 - 2017-02-06 08:45 - 1506766848 _____ C:\Users\Dios\Downloads\Jesse Stone Ztracen v Paradise.avi
2017-02-04 19:00 - 2017-02-04 21:41 - 976465920 _____ C:\Users\Dios\Downloads\Máma mezi Marťany.avi
2017-02-03 16:06 - 2017-02-03 17:17 - 1499277312 _____ C:\Users\Dios\Downloads\Toy.Story.3.480p.BRRip.XviD.AC3.CZ-lukasenko79.avi
2017-02-02 08:43 - 2017-02-02 08:43 - 00704994 _____ C:\Users\Dios\Downloads\00_Vyzva_rybnik_Lhota.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-02 12:54 - 2014-05-29 20:12 - 00000000 ____D C:\Users\Dios\AppData\Roaming\uTorrent
2017-03-02 12:48 - 2015-05-21 06:39 - 00000000 ___DC C:\FRST
2017-03-02 12:34 - 2015-04-16 11:10 - 00000000 ____D C:\KROSplusData
2017-03-02 12:01 - 2014-07-23 13:21 - 00000000 ____D C:\Users\Dios\Desktop\Odvirování
2017-03-02 11:54 - 2016-11-16 06:52 - 00000000 ____D C:\Users\Dios\AppData\LocalLow\Mozilla
2017-03-02 11:54 - 2014-07-22 08:33 - 00000000 ____D C:\Program Files\trend micro
2017-03-02 11:39 - 2016-09-15 07:01 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-02 11:22 - 2016-09-15 08:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-03-02 10:29 - 2016-11-01 17:33 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-02 10:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-02 10:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-02 10:29 - 2011-12-01 10:57 - 00000000 ____D C:\Users\Dios\AppData\Local\CrashDumps
2017-03-02 07:16 - 2016-01-04 07:30 - 00000000 ___RD C:\Users\Dios\iCloudDrive
2017-03-02 07:14 - 2017-01-18 13:52 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-02 07:14 - 2016-12-20 10:48 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDios.job
2017-03-02 07:14 - 2016-09-15 08:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-02 07:13 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-03-02 07:08 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-02 07:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-02 06:55 - 2012-01-05 19:01 - 00000000 ____D C:\Users\Dios\AppData\Local\Adobe
2017-03-01 22:41 - 2012-02-11 08:08 - 00000000 ____D C:\Users\Dios\AppData\Roaming\vlc
2017-03-01 14:47 - 2017-01-18 13:52 - 00003900 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-01 14:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-01 14:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-01 08:11 - 2014-08-09 18:45 - 00000000 ____D C:\Program Files (x86)\uTorrent
2017-02-28 13:11 - 2016-12-20 10:48 - 00003228 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDios
2017-02-28 12:54 - 2016-01-11 13:53 - 00054660 _____ C:\Users\Dios\Desktop\Sledování cash flow II.xlsx
2017-02-28 12:47 - 2016-04-24 11:47 - 00027991 _____ C:\Users\Dios\Desktop\byt vybavení.xlsx
2017-02-28 08:52 - 2016-12-14 08:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-27 08:59 - 2012-12-14 13:16 - 00002286 ____H C:\Users\Dios\Documents\Default.rdp
2017-02-27 07:12 - 2014-09-19 15:00 - 00001303 _____ C:\Users\Dios\Documents\RESUME.XLW
2017-02-26 18:03 - 2015-06-12 07:04 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-26 13:46 - 2015-05-03 15:11 - 00000000 ____D C:\Users\Dios\Downloads\Other
2017-02-26 13:07 - 2017-01-20 09:58 - 00002484 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2017-02-26 13:07 - 2017-01-20 09:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2017-02-26 13:07 - 2016-03-22 07:33 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2017-02-24 09:25 - 2016-07-19 09:13 - 00000000 ____D C:\Stavitel
2017-02-24 09:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-24 07:51 - 2016-09-02 06:37 - 00002209 _____ C:\Users\Public\Desktop\Internet Manager.lnk
2017-02-24 07:51 - 2016-09-02 06:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2017-02-23 19:07 - 2016-02-22 13:14 - 00000000 ____D C:\Users\Dios\Downloads\Filmy
2017-02-23 11:10 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 11:09 - 2013-07-21 05:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 10:56 - 2011-11-14 08:50 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 10:28 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-23 08:01 - 2015-10-09 20:19 - 00000000 ____D C:\Users\Dios\AppData\Local\Packages
2017-02-22 08:01 - 2012-12-11 14:12 - 00000000 ____D C:\Users\Dios\Downloads\iPod Photo Cache
2017-02-22 07:54 - 2016-09-15 07:10 - 02410490 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-22 07:54 - 2016-07-16 23:25 - 00899540 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-22 07:54 - 2016-07-16 23:25 - 00232632 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-20 13:52 - 2012-09-27 10:25 - 00000000 ____D C:\Users\Dios\AppData\Local\GHISLER
2017-02-19 19:16 - 2016-03-09 08:33 - 00022528 _____ C:\Users\Dios\Desktop\Passwords_09032016.xlsx
2017-02-17 09:39 - 2013-10-30 08:15 - 00000000 ____D C:\Users\Dios\AppData\Roaming\Nitro
2017-02-16 22:59 - 2016-09-15 07:11 - 00000000 ____D C:\Users\Dios
2017-02-16 13:21 - 2014-03-20 17:19 - 00064512 _____ C:\Users\Dios\Desktop\Půjčky_VC(HP).xls
2017-02-15 14:37 - 2012-08-03 20:17 - 00000000 ____D C:\Users\Dios\AppData\Local\The Witcher
2017-02-13 06:23 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-11 10:52 - 2016-11-01 09:00 - 00002201 _____ C:\Users\Public\Desktop\Money S3.lnk
2017-02-09 09:28 - 2017-01-20 09:53 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2017-02-09 09:16 - 2017-01-20 09:58 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-02-09 09:16 - 2017-01-20 09:58 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-01 08:22 - 2013-02-27 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2016-03-07 09:59 - 2016-03-07 10:33 - 0000034 _____ () C:\Users\Dios\AppData\Roaming\AdobeWLCMCache.dat
2016-07-12 11:32 - 2016-07-12 11:32 - 0009317 _____ () C:\Users\Dios\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML
2014-01-22 07:15 - 2015-08-17 08:45 - 0024299 _____ () C:\Users\Dios\AppData\Roaming\Microsoft Excel 97-2003.ADR
2016-07-12 10:03 - 2016-08-17 08:01 - 0009306 _____ () C:\Users\Dios\AppData\Roaming\Microsoft Excel 97-2003.EML
2017-03-02 12:45 - 2017-03-02 12:45 - 0029696 _____ () C:\Users\Dios\AppData\Local\MSGBOX.EXE
2014-07-17 06:43 - 2016-01-21 08:53 - 0007614 _____ () C:\Users\Dios\AppData\Local\resmon.resmoncfg
2012-01-26 19:25 - 2012-01-26 19:41 - 0001223 _____ () C:\ProgramData\hpzinstall.log
2012-09-14 10:29 - 2014-07-29 09:10 - 0000299 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-27 07:24

==================== End of FRST.txt ============================

Spikl · #5 Příspěvek od **Spikl** » 02 bře 2017 13:01

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-03-2017
Ran by Dios (02-03-2017 12:55:20)
Running from C:\Users\Dios\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-15 07:12:12)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2675517426-136286855-1641891982-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2675517426-136286855-1641891982-503 - Limited - Disabled)
Dios (S-1-5-21-2675517426-136286855-1641891982-1001 - Administrator - Enabled) => C:\Users\Dios
Guest (S-1-5-21-2675517426-136286855-1641891982-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2675517426-136286855-1641891982-1007 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security (Disabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.2 - )
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2014 (HKLM-x32\...\{23E55F00-CE7A-4860-AF2A-69F3A5F8E54A}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bentley View V8i (SELECTseries 3) 08.11.09.459 (HKLM-x32\...\{ED98991E-E69D-44E1-828F-3F1C23FD95E0}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Build Trial Package (HKLM-x32\...\{09A9CD6B-8C7B-43C1-B05D-02087226EA41}) (Version: 1.4.0 - Software Imaging)
Business Functions (HKLM-x32\...\Business Functions_is1) (Version: - Business Functions Ltd)
C310 (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Canon MF Toolbox 4.9.1.1.mf12 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf12 - CANON INC.)
Canon MF5900 Series (HKLM\...\{47C39213-7CE2-4eb0-A112-11671C0072A0}) (Version: 3.9.0.0 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
Cortona3D Viewer (HKLM\...\{DEACDFFA-D424-416F-B849-FA282F55B2CE}) (Version: 7.0.188 - ParallelGraphics)
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
DIY DataRecovery CHK-Mate (HKLM-x32\...\CHK-Mate_is1) (Version: 1.0 - DIY DataRecovery.nl)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DraftSight x64 (HKLM\...\{18D88174-BDBF-4BBF-B05C-3C75F609E44A}) (Version: 12.1.1077 - Dassault Systemes)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.101 - EasternGraphics)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 17.101 (20170201_17) - CÍGLER SOFTWARE, a.s.)
Elevated Installer (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Firebird 1.5.5 (HKLM-x32\...\FBDBServer_1_5_is1) (Version: - Firebird Project)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{5BAA8884-F661-464B-B5B2-5C6C632BFC21}) (Version: 7.1.4.1529 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LaserJet 400 MFP M425 (HKLM-x32\...\{568705AA-DD8A-4134-B8B9-9609721FBBCE}) (Version: 15.0.15188.1460 - Hewlett-Packard)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP Photo Creations (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP)
HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{4E484899-4F93-4086-88BA-56BDDF47A776}) (Version: 14.0 - HP)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{6B5E7B4F-64A2-4DEB-B210-0DD92F940A01}) (Version: 3.0.3.9925 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP SoftPaq Download Manager (HKLM-x32\...\{FE465061-894A-4023-8580-56FCDD4F23F9}) (Version: 3.4.4.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.50.9 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM425DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPDXP (x32 Version: 3.0.26.11 - HP) Hidden
HPLaserJet400MFP-M425_HelpLearnCenter_SI (HKLM-x32\...\{55D8D1AB-94C2-498F-A165-608B834A30EA}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (x32 Version: 140.069.007 - HP) Hidden
HPLJUTCore (x32 Version: 014.000.0001 - HP) Hidden
HPLJUTM425 (x32 Version: 3.00.0003 - HP) Hidden
hppFaxDrvM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppFaxDrvM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM425LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM425 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
iCloud (HKLM\...\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}) (Version: 6.1.2.13 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Incomedia WebSite X5 v11 - Home (HKLM-x32\...\{C5743DB8-7BDF-47D3-8D41-0BBD487B48A1}_is1) (Version: 11.0.6.27 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
InterBase 6 Client Open Edition - 6.0.2.0 (HKLM-x32\...\InterBase 6 Client Open Edition - 6.0.2.0) (Version: - InterBase Installation Info)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
iPhone Converter version 1.3.2.0 (HKLM\...\{B27852AB-618E-4879-AEBF-D183F25543E8}_is1) (Version: - )
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Knihovna TurboFLOORPLANu (HKLM-x32\...\TurboFloorPlan-5.0.0) (Version: 5.0 - Špinar software s.r.o.)
KROSplus (HKLM-x32\...\{5553C7DB-998F-4029-9E7E-F323A326C4B8}) (Version: 13.00 - KROS a.s.)
Licenční server verze 3.002 (HKLM-x32\...\Licenční server verze 3.002) (Version: - )
LJDXPHelperUI (x32 Version: 140.069.007 - HP) Hidden
Magic Academy 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Project Professional 2003 (HKLM-x32\...\{903B0405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mobipocket Creator 4.2 (HKLM-x32\...\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}) (Version: 4.2.41 - Mobipocket.com)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 51.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 cs)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
NemKalk 7.13 (HKLM-x32\...\NemKalk7_is1) (Version: - )
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nitro Pro 8 (HKLM\...\{522D6D76-B109-4C83-BA3C-D26D08391EBC}) (Version: 8.0.10.7 - Nitro)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.9.0.71 - Symantec Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
pCon.planner STD (64 bit) (HKLM\...\{6DDB6C07-B345-4B5F-B573-EE9DAEEB328C}) (Version: 7.3.0.104 - EasternGraphics)
PČS SmartClient (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ee485056d1c5a354) (Version: 2.1.9.10 - Pojišťovna České spořitelny)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.33 - PDF Complete, Inc)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.316.1 - Tracker Software Products Ltd)
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.199.199.0 - Tracker Software Products Ltd)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Poker at bet365 (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\bet365poker) (Version: - )
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poradce, verze 1.38/1 (HKLM-x32\...\Hledik - Poradce) (Version: 1.38/1 - )
PS_AIO_07_C310_SW_Min (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden
RTS Stavitel+ 2014 (HKLM-x32\...\RTS Stavitel+_is1) (Version: - )
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Simulace_PCS (HKLM-x32\...\{FA632E53-37C3-44E4-BAE7-AEC897066D98}) (Version: 1.0.0 - Microsoft)
SketchUp 8 (HKLM-x32\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SmartMaps OCX pro Money S3, verze 2.0.2.5 (HKLM-x32\...\OCXMaps_is1) (Version: 2.0.2.5 - PLANstudio s.r.o.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
SpellForce (HKLM-x32\...\SpellForce) (Version: SpellForce v1.52 - JoWooD Productions Software AG)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Total Uninstall 6.14.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.14.0 - Gavrila Martau)
TP-LINK Wireless Client Utility (HKLM-x32\...\{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}) (Version: 7.0 - TP-LINK)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TurboFloorPlan 3D Home and Landscape Pro 2015 (HKLM-x32\...\{0BD6EB74-8B4F-4D3A-89B6-3F6CDEB024E0}) (Version: 17.5.5 - IMSI Design, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{61D3AB5C-02B5-47FC-906A-C49A0954C7C6}) (Version: 4.3.126.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{c77bad57-f913-4ac3-9061-6dfd6c0aa40a}) (Version: 1.3.0.16 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.0.16 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{D5DEF2D5-FE04-484D-A6C9-2A105443F56A}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{72fda14f-5a07-49d5-b7f7-202377e9b522}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\WhatsApp) (Version: 0.2.936 - WhatsApp)
WildTangent Games App for HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
World Cup Cricket 20-20 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4E247109415D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{6614FE97-812C-4B8B-AD6F-83D07279BF02}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EACC91-72CB-4287-A5B3-589EA0B84631} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {0D14F5E4-34D1-4B83-9EBA-076F63DA92EC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {0EB3F797-3153-42EE-83F8-33A48FEF6CD3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {11CD153F-E397-42E8-A7B0-10FAE7C11B2C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {13AC7145-1FBA-46A7-A3A9-C97140E8677A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {19DBF2CF-532C-4BDE-B83D-96A86004AEC5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1CF937A7-D431-4525-A15C-B73D4FDEF5D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {1FDB43C4-6513-4AFC-AD54-9DDD0CFCA801} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
Task: {21648002-EF6B-4979-AFB9-4E42A76800E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {2397CEB9-5D33-42A2-9054-38AB725F53C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {28C80EA7-8FB6-47D6-9357-2F0951D02257} - System32\Tasks\{EF787000-3D6D-4AE4-BEE9-9052554AC2C3} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {28FDF4E0-7377-419E-BB38-80438399D8B9} - System32\Tasks\{EE6F22C5-F4D1-4C67-9E35-791420DD6AA0} => pcalua.exe -a C:\Users\Dios\Downloads\money-s3-15001-cz.exe
Task: {2A14E61F-A20C-454D-8EAB-31EBAC488FE3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {2BC2DF81-B4CB-4D10-A2EB-D15B5C47C91F} - System32\Tasks\{FE3F8665-DAE0-4E76-B886-ACC0EAAB75FB} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {2CC8864E-8C66-45D9-858F-377810887C2A} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {2D9BAFA4-EFE4-44AA-A2B8-DDF5C072EDAA} - System32\Tasks\{58F91570-BD51-4FA2-8CE0-39BAFF42BD10} => pcalua.exe -a C:\Users\Dios\Downloads\KROS\setup.exe -d C:\Users\Dios\Downloads\KROS
Task: {2DCD9098-44E9-4E30-B5C4-ACF669EE1AD1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {2E46169E-0629-4BA9-BC81-5E8195E25116} - System32\Tasks\{C2E35031-C64B-4A5E-8CC9-BEF6E2FAD49B} => pcalua.exe -a C:\Users\Dios\Downloads\lhm.exe -d C:\Users\Dios\Downloads
Task: {2EB7BB99-4969-4C42-9D95-F35ACA0AB939} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {34A292FD-C8BC-4352-882B-DFEDA33C4C48} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-02-20] (Symantec Corporation)
Task: {387C4F88-E263-4B19-B26C-1C604AFFFE4A} - System32\Tasks\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => pcalua.exe -a "C:\Users\Dios\Downloads\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {3FEBE1CC-4573-4376-AE0E-B5E1C6545F44} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-wintip77@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {4051F94C-B1E1-4D1B-B782-1DA823DD1C00} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {44301198-A6A4-40F8-AA1C-1CA5DB4FE74E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {453A5020-823E-4BDC-AF4E-5F06EB0AA7F6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {48CEFDD3-610C-4EC9-ADA5-7B4FDDA0F57F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {4926A6CF-84ED-42B1-B37B-4C9D50F95633} - System32\Tasks\{11E919B2-5102-4BBB-8FE1-18624ACE226F} => pcalua.exe -a "C:\Program Files\Kooperativa\Isos\Isos.exe" -d "C:\Program Files\Kooperativa\Isos"
Task: {4CA41BB2-25BD-4C62-8CF7-D4A37FC2CD55} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-01] (Adobe Systems Incorporated)
Task: {4DFBF331-BD08-4581-B1AE-AA7A9A412324} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {53C6A5A5-C9F0-4450-A84C-B8A379CF9F83} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {543BF91C-250C-4DA8-9180-692E914C7A95} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {553D8821-C40C-4A33-A2D0-BE488D981A4E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5B3C61DB-82EF-4C41-B146-F70F7614C9FF} - System32\Tasks\{937AA0AD-51E2-42F1-AE16-88C6D955819C} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {5C501CBF-C134-4AB3-9C12-EF945C9DD8CB} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {617236B5-E2D1-4937-8F2C-561FC673DC46} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {655696FD-6E0F-40F7-8494-63FF9EB6E048} - System32\Tasks\{69C21F3A-A387-47D0-AC54-2EA612C38533} => pcalua.exe -a C:\Users\Dios\Downloads\setup(1).exe -d C:\Users\Dios\Downloads
Task: {68E0BF27-F7C4-43F4-94C3-2AEAFAD659A3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6B6B1663-4E77-4477-B035-50E11065C3C9} - System32\Tasks\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2HS9EG6L\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {6EC465ED-4ED8-4243-AAD0-B0099DCB0688} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73699B69-355D-44AC-ABF6-65F37806389F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {73A0A03A-E7C8-4260-8714-7CCE42763C8F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {759DC2FE-59D0-449E-9D0D-1197160407BE} - System32\Tasks\{697CE3AF-4540-465F-B96D-5A33DEFA1F4E} => pcalua.exe -a C:\Users\Dios\Downloads\KoopP7BNExtern(1).exe -d C:\Users\Dios\Downloads
Task: {77539CF2-CB8F-401F-B9FA-D1BD30F8ED4E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {7BCE7805-937D-4253-A665-B812D4239A0B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {81A6567A-DDCA-4B5A-A18C-3E9AAC439B9A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-02-10] (HP Inc.)
Task: {8448FD24-8653-446F-8CCC-1793C2FF091D} - System32\Tasks\{B3B1FFFB-DC50-44A3-9C1E-827F3A87E88E} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {89B17A91-70C4-43F0-AA9F-E146FBB747AE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8C00EF0D-FA6C-4CE0-AC32-84BF692B83F9} - System32\Tasks\{B0ED6832-3EA1-43CA-894A-3F21177A2A2B} => pcalua.exe -a "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\WebSetup.exe" -d "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\"
Task: {92DCA977-47C4-4B0A-9528-588FB1BEBB9A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {948DCE32-8B90-46CC-99B6-CA99C995E405} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {94D846E5-1A3A-49CD-A43D-A8BBDEF241D0} - System32\Tasks\{189E6F36-CE0A-4B3C-86BD-0E4A5A2CF7A0} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {9AD13E91-0E20-4A99-9FDF-230FFC79ECD8} - System32\Tasks\{5D495734-0F2B-4248-B3E0-D9B7FF99922A} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDFThumbnailHelper.exe [2012-12-13] (Nitro PDF)
Task: {9FFC5797-49EF-4C66-B38B-69C317D136B5} - System32\Tasks\{F48DC0B4-6AB4-47A0-8771-94549BFDD3F5} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {A07A9045-DDA5-4532-ADA1-BC67BC10D910} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A19FAF4F-634B-47CD-864F-B26BEE24A121} - System32\Tasks\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBX0RBYK\setup.exe" -d C:\Users\Dios\Desktop
Task: {A7347BBA-B303-454E-825B-ADFDE08C571A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {A87A1EE4-83C5-4971-910B-3722E134C230} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {A9E776EA-59B6-42BF-9383-2F7A0AB7BA04} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe [2017-02-20] (Symantec Corporation)
Task: {ACF8DCC0-3C7F-4E63-B707-A899AC15629F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-01-18] (Tracker Software Products (Canada) Ltd.)
Task: {AD5FD70B-DA4D-4B64-BBD4-4355F36CD895} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {AF250386-88B7-4599-883D-F226BEEBE6E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {B08AEDE6-9E56-482C-B72E-E9308E29C1D3} - System32\Tasks\{1BFED272-CEE7-4749-97E7-F084335F0742} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {B220650D-6D58-4A0D-B5AA-CA7E8C3B2A0E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-01-17] (Apple Inc.)
Task: {B4485AC6-7356-446F-9E04-7C080A4AD350} - System32\Tasks\{C3CEA077-CE2A-4AD7-8BA1-456456B2A88E} => pcalua.exe -a "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\uninst.exe" -d "C:\Program Files (x86)\Alcohol Soft\Alcohol 52"
Task: {B474D138-49BD-4920-B44F-19A5974E7197} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B8F13DFF-7CDD-4E7D-BE1A-80EA1BE1A15B} - System32\Tasks\HPCeeScheduleForDios => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {B953CB77-4E6B-477B-8D63-6B0DCE9123C0} - System32\Tasks\{9BBE0796-780A-4AAE-B2BE-1C98851546B0} => pcalua.exe -a C:\Users\Dios\Downloads\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {BF01B1F0-5900-42E6-AF12-D4D18461CB6F} - System32\Tasks\{A3948E18-38A2-4928-9087-46697B834183} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {BFBD1FB1-9F3C-4DA7-BFBA-ABF11B1B09C6} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {C028799B-C998-4A85-8F4E-D6CE375967FE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {C1AFC45C-7C97-45D5-939F-E43B04C598AF} - System32\Tasks\{BB051987-A088-4E1F-842C-5A0DC6BEF7A0} => C:\Program Files (x86)\CgmBetSystems\CgmBets.exe
Task: {C8C351ED-5619-4833-A61A-20B2367E6525} - System32\Tasks\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => pcalua.exe -a C:\Users\Dios\Downloads\setup(3).exe -d C:\Users\Dios\Downloads
Task: {CAC31A8E-DF7D-46F1-896D-A2DF6CB6F688} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {D0E6AE5E-3816-4E21-ABC9-6FBB167A77AD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D43C9CCB-0FD8-4FCB-A60B-E1BF2CAB3C7B} - System32\Tasks\{1E699CF4-E78B-4C3D-BFDC-A8DBEA7BB5C9} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {D515AFB1-1FE7-4F28-B472-58C498C9BF7D} - System32\Tasks\{1DC39F61-91E6-4776-B509-ED13DD51BBAD} => pcalua.exe -a C:\Users\Dios\Downloads\Hamachi-1.0.1.5.exe -d C:\Users\Dios\Downloads
Task: {DB3803A4-CC04-4FEB-980F-1B2AF403C1D3} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {DBCA48B7-C3C3-42EE-997A-6D1B6BDB3096} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E07D6744-D2D2-4698-BB63-4B33446981A2} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-25] ()
Task: {E096A7F9-FD4E-4A4C-9D88-76632BA6DE08} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {E189E19D-5F0D-4762-8CF8-C6917C5066B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E3B7BFE2-5312-4561-B5BB-72046D814703} - System32\Tasks\{6030F4DE-A10B-409D-9B44-05E0D1AE28E4} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {ED832A5F-631C-484C-BD26-FA1D8318DFA2} - System32\Tasks\{2E49A9EB-3280-4B40-A217-E2C09E93F899} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {F08D3DE8-1186-419E-A12F-D8B945111A52} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-01-16] ()
Task: {F1D62EFA-C438-4A47-89DE-FAD6AEB2784E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {F8FD7813-91EE-4334-8F05-3820DD9C61EC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FC6FA7D2-B87F-461D-A0DD-FA86C0AD12CA} - System32\Tasks\{059E4574-2046-4A5F-B5AE-4BE5372B4716} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {FD2F0EAA-DEC4-4B2D-B250-91A6FB0BAE7E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDios.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\JoWooD Homepage.lnk -> hxxp://www.jowood.co
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce - Platinum Edition Homepage.lnk -> hxxp://spellforce.jowood.com/?rid=1221&lang=e
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce Forum.lnk -> hxxp://spellforce.jowood.com/forum

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-12 12:59 - 2012-09-29 12:25 - 00409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2013-10-02 11:36 - 2012-12-07 10:42 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1120PP.DLL
2012-05-03 09:40 - 2012-09-29 12:25 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 01469856 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
2016-09-02 06:37 - 2014-12-11 10:24 - 00076584 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-15 09:11 - 2016-09-15 09:11 - 00959168 _____ () C:\Users\Dios\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 03076512 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
2016-09-15 07:52 - 2016-09-15 07:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 11:59 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 11:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 11:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 07:04 - 2017-03-02 07:06 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-07 13:39 - 2016-06-07 13:41 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-04 07:40 - 2016-03-04 07:42 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-09-16 19:27 - 2011-10-11 12:00 - 00045056 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\Mtp32.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2015-11-11 03:41 - 2015-11-11 03:41 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2016-09-15 09:10 - 2016-09-15 09:10 - 00679624 _____ () C:\Users\Dios\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:A66CF953 [187]
AlternateDataStreams: C:\ProgramData\TEMP:C05ABBB5 [156]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ppe.cz -> hxxps://www.ppe.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\servis24.cz -> hxxps://www.servis24.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-04-19 07:30 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dios\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: 602XML Updater => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dios^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk => C:\windows\pss\Kooperativa - PDF Server.lnk.Startup
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "AthBtTray"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SFAUpdater"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "NUSB3MON"
HKLM\...\StartupApproved\Run32: => "Tmobile_Czech Estoril ModemListener"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{0BC50696-A532-4D6E-927C-6AF387D98BB5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5E1B9ABA-C53E-4023-A5C6-41E4E82E5DA2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BE61E9F3-D8B9-4595-9B25-A28F831BF78D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0DB3444C-177A-4A09-A5B6-03E96F9CF71F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F1F9D9CF-0B24-46C4-8A09-9B79EE999573}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{6FBF6BAE-31AE-481C-886B-CF7E583CE24E}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{9A8536AC-8E2A-4703-A928-96A7EE35A2A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{615CDE9A-4762-467C-A13B-F9D4042F1CF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{540AFD97-B033-47BE-B751-5950FC568776}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2DB7AF22-2457-4032-ACFC-D93728FEEA0B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{B6AF7F7D-C636-4AB2-A251-04ADFD3B7A60}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{D85EF344-42D8-4474-BADC-A61B7E1456A1}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
FirewallRules: [{01DE0466-9EA5-4F9E-8143-2212DD0804A5}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
FirewallRules: [UDP Query User{4A1A6B8A-F5B4-4928-8851-F7F28DF643E8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3D63E791-3AA1-4099-B434-CBBEE191D316}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{81CAFB65-7BA1-4297-99B1-107F3AE42E8D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{096858B8-6DC5-46F1-840F-BEB3E40E59C3}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{DE23D481-FE65-4B52-BCA7-EEB6B0C3728C}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{D598719A-B177-4E28-892C-878CBBAE11E9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{ACCFD7FB-1587-479D-AB4F-5EDF0153501A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{EB59E3EC-49F9-4D68-AB8A-EAD9708DF1BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{8058241D-9DBD-4A4B-9614-4472DB73EE45}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{D615243A-5072-4E99-A51C-1FF41EA3A7EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{45390CF1-7620-438D-95C8-5F1A123795A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{55FEE721-9CAF-4CA0-8992-B7111C8140A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{12420971-C9FB-489B-9839-6DC57444C75C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{24F71D6E-8E23-4582-8440-DD7DB596CD6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1F4C35B0-7A96-45C9-BBCF-0549AA0514BF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{916A2433-703D-4CF9-B412-4D3ADA0619E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8F626E39-DFAD-4EBC-94AC-7D47A6AA65FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{A390EEFF-C960-4853-9F79-EC6D2C5AB6D1}] => (Allow) G:\setup\hpznui40.exe
FirewallRules: [{384A3614-750B-4805-83CC-B6569C7F7B53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C3324F8-73A8-4125-BDAF-6AD490A4BDF4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E4C564C-2A35-44E5-9422-DF9411373FC8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{035113F2-39A1-49A0-AF50-0097DFFD49B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B74A65B5-E411-4E48-83C1-C2ABCDDBCAC3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{915EDE72-61AA-4668-B29E-D43DBEEF312E}] => (Allow) LPort=1900
FirewallRules: [{E8D16D2C-1296-483B-AAFD-4CD58A6DCB27}] => (Allow) LPort=2869
FirewallRules: [{26BF4BD7-019E-4B1F-8E41-CAB70586A44A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B537BC04-32E5-4EC1-8C25-F988A09ED77E}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{6201D615-F4BE-403C-A61D-49B069FE9C96}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{7EFD56E7-D8E0-48E8-AF32-14290E96D86F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{B14C08F5-9E4D-473D-B914-36518E83CF6F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{80606333-A321-4B7A-B7B1-16FF85C8D084}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D8527A8-3BE0-49E4-826F-57893F9D556A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E9445BE-F188-4065-A150-4C02E8CB1C1F}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{BDE595B0-9B7F-4A90-9239-F368946CD6D6}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{84F0E771-AD35-420B-B56D-A115A642BE1C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5C4C34A9-7F88-4782-BCE6-243AAF7382AD}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Restore Points =========================

11-02-2017 09:48:31 Naplánovaný kontrolní bod
18-02-2017 12:56:35 Naplánovaný kontrolní bod
23-02-2017 10:51:58 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/02/2017 10:30:44 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll na řádku 3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.

Error: (03/02/2017 10:29:27 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4852) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Dios\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1811 (0xfffff8ed).

Error: (03/02/2017 09:54:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: SPIKL)
Description: Balíček Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (03/02/2017 08:01:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SPIKL)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/02/2017 07:43:00 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll na řádku 3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.

Error: (03/02/2017 07:00:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudServices.exe, verze: 55.1.0.136, časové razítko: 0x58791a03
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x58256ca0
Kód výjimky: 0xc0000374
Posun chyby: 0x000d9d11
ID chybujícího procesu: 0x2250
Čas spuštění chybující aplikace: 0x01d293193dcb114f
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: d0cf004c-895b-4600-bce3-b11eff2c460d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/02/2017 07:00:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudPhotos.exe, verze: 105.0.0.178, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudPhotos_main.dll, verze: 105.0.0.178, časové razítko: 0x587e691b
Kód výjimky: 0xc0000005
Posun chyby: 0x000f48bc
ID chybujícího procesu: 0x10e0
Čas spuštění chybující aplikace: 0x01d293193f485211
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos_main.dll
ID zprávy: 4cb77f6b-2250-4619-b22e-347a36134133
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/02/2017 07:00:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudDrive.exe, verze: 1.6.10.167, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudDrive_main.dll, verze: 1.6.10.167, časové razítko: 0x587e6920
Kód výjimky: 0xc0000005
Posun chyby: 0x0010025c
ID chybujícího procesu: 0x470
Čas spuštění chybující aplikace: 0x01d293193e783e70
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive_main.dll
ID zprávy: 16f8356c-2cb2-4719-b4ae-52bd2100dec8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/01/2017 10:41:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15610

Error: (03/01/2017 10:41:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15610

System errors:
=============
Error: (03/02/2017 07:31:47 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Zprostředkovatel času, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (03/02/2017 07:31:47 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Klient DHCP, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Centrum zabezpečení byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zprostředkovatel času byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zprostředkovatel domácích skupin byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Protokol událostí systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (03/02/2017 07:29:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Klient DHCP byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (03/02/2017 07:24:58 AM) (Source: DCOM) (EventID: 10010) (User: SPIKL)
Description: Server {9E6E74C7-0E85-4D14-8851-7635E2C1C528} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/02/2017 07:17:20 AM) (Source: DCOM) (EventID: 10010) (User: SPIKL)
Description: Server {21F282D1-A881-49E1-9A3A-26E44E39B86C} se v daném časovém limitu neregistroval u služby DCOM.

CodeIntegrity:
===================================
Date: 2017-01-20 10:00:17.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 10:00:15.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 10:00:11.629
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 10:00:07.323
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:21.812
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:14.880
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:14.010
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:13.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:13.126
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:13.007
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 66%
Total physical RAM: 4030.36 MB
Available physical RAM: 1362.08 MB
Total Virtual: 8126.36 MB
Available Virtual: 4441.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:573.86 GB) (Free:17.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.12 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: C2E30232)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=573.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End of Addition.txt ============================

Kodlz · #6 Příspěvek od **Kodlz** » 02 bře 2017 14:39

Na plose, tam kde mas umisteny FRST vytvor TXT soubor, ktery pojmenujes fixlist.txt a do nej vloz nasledujici text:

( Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopíruj).

start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:

HKLM-x32\...\Run: [] => [X]
GroupPolicyScripts: Restriction <======= ATTENTION
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tipmatchbets.com/?cz&page=di ... egory=chat
Toolbar: HKLM-x32 - No Name - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS [X]
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4E247109415D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
Task: {0EB3F797-3153-42EE-83F8-33A48FEF6CD3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {387C4F88-E263-4B19-B26C-1C604AFFFE4A} - System32\Tasks\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => pcalua.exe -a "C:\Users\Dios\Downloads\setup (1).exe" -d C:\Users\Dios\Desktop

Task: {4051F94C-B1E1-4D1B-B782-1DA823DD1C00} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4DFBF331-BD08-4581-B1AE-AA7A9A412324} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {553D8821-C40C-4A33-A2D0-BE488D981A4E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {655696FD-6E0F-40F7-8494-63FF9EB6E048} - System32\Tasks\{69C21F3A-A387-47D0-AC54-2EA612C38533} => pcalua.exe -a C:\Users\Dios\Downloads\setup(1).exe -d C:\Users\Dios\Downloads
Task: {6B6B1663-4E77-4477-B035-50E11065C3C9} - System32\Tasks\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2HS9EG6L\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {6EC465ED-4ED8-4243-AAD0-B0099DCB0688} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73699B69-355D-44AC-ABF6-65F37806389F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7BCE7805-937D-4253-A665-B812D4239A0B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {89B17A91-70C4-43F0-AA9F-E146FBB747AE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A19FAF4F-634B-47CD-864F-B26BEE24A121} - System32\Tasks\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBX0RBYK\setup.exe" -d C:\Users\Dios\Desktop
Task: {A7347BBA-B303-454E-825B-ADFDE08C571A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {C8C351ED-5619-4833-A61A-20B2367E6525} - System32\Tasks\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => pcalua.exe -a C:\Users\Dios\Downloads\setup(3).exe -d C:\Users\Dios\Downloads
Task: {E189E19D-5F0D-4762-8CF8-C6917C5066B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F8FD7813-91EE-4334-8F05-3820DD9C61EC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:A66CF953 [187]
AlternateDataStreams: C:\ProgramData\TEMP:C05ABBB5 [156]
FirewallRules: [{F1F9D9CF-0B24-46C4-8A09-9B79EE999573}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{6FBF6BAE-31AE-481C-886B-CF7E583CE24E}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{D85EF344-42D8-4474-BADC-A61B7E1456A1}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
FirewallRules: [{01DE0466-9EA5-4F9E-8143-2212DD0804A5}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe

end

Spikl · #7 Příspěvek od **Spikl** » 03 bře 2017 07:00

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-03-2017
Ran by Dios (03-03-2017 06:47:19) Run:2
Running from C:\Users\Dios\Desktop
Loaded Profiles: Dios (Available Profiles: Dios & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:

HKLM-x32\...\Run: [] => [X]
GroupPolicyScripts: Restriction <======= ATTENTION
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tipmatchbets.com/?cz&page=di ... egory=chat
Toolbar: HKLM-x32 - No Name - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS [X]
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4E247109415D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
Task: {0EB3F797-3153-42EE-83F8-33A48FEF6CD3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {387C4F88-E263-4B19-B26C-1C604AFFFE4A} - System32\Tasks\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => pcalua.exe -a "C:\Users\Dios\Downloads\setup (1).exe" -d C:\Users\Dios\Desktop

Task: {4051F94C-B1E1-4D1B-B782-1DA823DD1C00} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4DFBF331-BD08-4581-B1AE-AA7A9A412324} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {553D8821-C40C-4A33-A2D0-BE488D981A4E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {655696FD-6E0F-40F7-8494-63FF9EB6E048} - System32\Tasks\{69C21F3A-A387-47D0-AC54-2EA612C38533} => pcalua.exe -a C:\Users\Dios\Downloads\setup(1).exe -d C:\Users\Dios\Downloads
Task: {6B6B1663-4E77-4477-B035-50E11065C3C9} - System32\Tasks\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2HS9EG6L\setup (1).exe" -d C:\Users\Dios\Desktop
Task: {6EC465ED-4ED8-4243-AAD0-B0099DCB0688} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73699B69-355D-44AC-ABF6-65F37806389F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7BCE7805-937D-4253-A665-B812D4239A0B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {89B17A91-70C4-43F0-AA9F-E146FBB747AE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A19FAF4F-634B-47CD-864F-B26BEE24A121} - System32\Tasks\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => pcalua.exe -a "C:\Users\Dios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBX0RBYK\setup.exe" -d C:\Users\Dios\Desktop
Task: {A7347BBA-B303-454E-825B-ADFDE08C571A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {C8C351ED-5619-4833-A61A-20B2367E6525} - System32\Tasks\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => pcalua.exe -a C:\Users\Dios\Downloads\setup(3).exe -d C:\Users\Dios\Downloads
Task: {E189E19D-5F0D-4762-8CF8-C6917C5066B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F8FD7813-91EE-4334-8F05-3820DD9C61EC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:A66CF953 [187]
AlternateDataStreams: C:\ProgramData\TEMP:C05ABBB5 [156]
FirewallRules: [{F1F9D9CF-0B24-46C4-8A09-9B79EE999573}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{6FBF6BAE-31AE-481C-886B-CF7E583CE24E}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller(1).exe
FirewallRules: [{D85EF344-42D8-4474-BADC-A61B7E1456A1}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe
FirewallRules: [{01DE0466-9EA5-4F9E-8143-2212DD0804A5}] => (Allow) C:\Users\Dios\Downloads\solutoinstaller.exe

end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} => value removed successfully
HKCR\Wow6432Node\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} => key not found.
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect => key removed successfully
HKLM\System\CurrentControlSet\Services\NAVENG => could not remove key. Access Denied.
HKLM\System\CurrentControlSet\Services\NAVEX15 => could not remove key. Access Denied.
HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-4E247109415D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0EB3F797-3153-42EE-83F8-33A48FEF6CD3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EB3F797-3153-42EE-83F8-33A48FEF6CD3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{387C4F88-E263-4B19-B26C-1C604AFFFE4A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{387C4F88-E263-4B19-B26C-1C604AFFFE4A} => key removed successfully
C:\WINDOWS\System32\Tasks\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FF1B34E8-53F3-4B17-8202-37D9E19CE6F7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4051F94C-B1E1-4D1B-B782-1DA823DD1C00} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4051F94C-B1E1-4D1B-B782-1DA823DD1C00} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DFBF331-BD08-4581-B1AE-AA7A9A412324} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DFBF331-BD08-4581-B1AE-AA7A9A412324} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{553D8821-C40C-4A33-A2D0-BE488D981A4E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{553D8821-C40C-4A33-A2D0-BE488D981A4E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{655696FD-6E0F-40F7-8494-63FF9EB6E048} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{655696FD-6E0F-40F7-8494-63FF9EB6E048} => key removed successfully
C:\WINDOWS\System32\Tasks\{69C21F3A-A387-47D0-AC54-2EA612C38533} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{69C21F3A-A387-47D0-AC54-2EA612C38533} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B6B1663-4E77-4477-B035-50E11065C3C9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B6B1663-4E77-4477-B035-50E11065C3C9} => key removed successfully
C:\WINDOWS\System32\Tasks\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FFE2CB74-D788-4D21-BF63-179CDAFFAC79} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EC465ED-4ED8-4243-AAD0-B0099DCB0688} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EC465ED-4ED8-4243-AAD0-B0099DCB0688} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73699B69-355D-44AC-ABF6-65F37806389F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73699B69-355D-44AC-ABF6-65F37806389F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BCE7805-937D-4253-A665-B812D4239A0B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BCE7805-937D-4253-A665-B812D4239A0B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89B17A91-70C4-43F0-AA9F-E146FBB747AE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89B17A91-70C4-43F0-AA9F-E146FBB747AE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A19FAF4F-634B-47CD-864F-B26BEE24A121} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A19FAF4F-634B-47CD-864F-B26BEE24A121} => key removed successfully
C:\WINDOWS\System32\Tasks\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E1C70DDC-32BA-4136-A49A-5C045321F25F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A7347BBA-B303-454E-825B-ADFDE08C571A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7347BBA-B303-454E-825B-ADFDE08C571A} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8C351ED-5619-4833-A61A-20B2367E6525} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8C351ED-5619-4833-A61A-20B2367E6525} => key removed successfully
C:\WINDOWS\System32\Tasks\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{268E1EE0-42FD-4B44-9333-7BCD88F8A02F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E189E19D-5F0D-4762-8CF8-C6917C5066B2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E189E19D-5F0D-4762-8CF8-C6917C5066B2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8FD7813-91EE-4334-8F05-3820DD9C61EC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8FD7813-91EE-4334-8F05-3820DD9C61EC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9A298AD-FC4D-418B-8C5B-6B2A472C1A13} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
C:\ProgramData\TEMP => ":A66CF953" ADS removed successfully.
C:\ProgramData\TEMP => ":C05ABBB5" ADS removed successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1F9D9CF-0B24-46C4-8A09-9B79EE999573} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6FBF6BAE-31AE-481C-886B-CF7E583CE24E} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D85EF344-42D8-4474-BADC-A61B7E1456A1} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01DE0466-9EA5-4F9E-8143-2212DD0804A5} => value removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10692428 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49693339 B
Java, Flash, Steam htmlcache => 825 B
Windows/system/drivers => 105806 B
Edge => 200 B
Chrome => 100352 B
Firefox => 177981076 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6866 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 37168 B
LocalService => 57914417 B
NetworkService => 0 B
Dios => 22314984 B
DefaultAppPool => 6866 B

RecycleBin => 0 B
EmptyTemp: => 304.1 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-03-2017 06:55:38)

Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\NAVENG => could not remove key. Access Denied.
HKLM\System\CurrentControlSet\Services\NAVEX15 => could not remove key. Access Denied.

==== End of Fixlog 06:55:38 ====

Kodlz · #8 Příspěvek od **Kodlz** » 03 bře 2017 07:56

Stáhni AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Ulož na plochu
Ukonči všechny programy
Klikni nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vlož.

nasledne tento tool MBAM: http://forum.viry.cz/viewtopic.php?f=29&t=144868
-Nainstaluj,dej úplný sken

-Log zkopíruj sem.

Spikl · #9 Příspěvek od **Spikl** » 03 bře 2017 23:05

Ahoj, posílám logy:

# AdwCleaner v6.044 - Logfile created 03/03/2017 at 08:34:43
# Updated on 28/02/2017 by Malwarebytes
# Database : 2017-03-02.1 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : Dios - SPIKL
# Running from : C:\Users\Dios\Desktop\adwcleaner_6.044.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\ProgramData\apn
[-] Folder deleted: C:\Users\Dios\AppData\Local\Geckofx

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

[-] Firefox preferences cleaned: "browser.search.hiddenOneOffs" - "Seznam,DuckDuckGo,Heuréka,Mapy.cz,Slunečnice,Wikipedie (cs)"
[-] [C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: slunecnice.cz

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1709 Bytes] - [28/06/2016 20:32:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1163 Bytes] - [03/03/2017 08:34:43]
C:\AdwCleaner\AdwCleaner[R0].txt - [1035 Bytes] - [01/12/2015 09:49:16]
C:\AdwCleaner\AdwCleaner[S0].txt - [1094 Bytes] - [01/12/2015 09:55:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [1510 Bytes] - [28/06/2016 20:28:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [1714 Bytes] - [03/03/2017 08:33:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1528 Bytes] ##########

Spikl · #10 Příspěvek od **Spikl** » 03 bře 2017 23:05

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 03.03.17
Čas skenování: 17:09
Logovací soubor: mbam.txt
Správce: Ano

-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.75
Aktualizovat verzi balíku komponent: 1.0.1417
Licence: Zkušební

-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: SPIKL\Dios

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 649534
Uplynulý čas: 5 hod, 8 min, 37 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.DriverIdentifier, HKLM\SOFTWARE\CLASSES\driveruploader, V karanténě, [3272], [368278],1.0.1417

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 1
PUP.Optional.DriverIdentifier, C:\Users\Dios\AppData\Roaming\driveridentifier, V karanténě, [3272], [368279],1.0.1417

Soubor: 2
PUP.Optional.DriverIdentifier, C:\Users\Dios\AppData\Roaming\driveridentifier\log.txt, V karanténě, [3272], [368279],1.0.1417
PUP.Optional.InstallCore, C:\PROGRAMDATA\MARTAU\TOTAL UNINSTALL 6\BACKUP\SMART FILE ADVISOR 1.1.8.ANALYZED.ZIP, V karanténě, [8], [300952],1.0.1417

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

Kodlz · #11 Příspěvek od **Kodlz** » 04 bře 2017 09:49

jak se chova pc?

Spikl · #12 Příspěvek od **Spikl** » 04 bře 2017 18:37

Je to lepší, třeba ten excel už vypadá že je OK. Jinak stále pomalejší náběh Mozilly, Outlooku, Průzkumníka......
U té Mozilly trvá samotné otevření okna, následně trvá než se vůbec načte dom.stránka. Včera zamrzl FlashPlayer a nešel ukončit ani ve správci.

Díky.

Kodlz · #13 Příspěvek od **Kodlz** » 05 bře 2017 13:21

vytvor prosim znovu logy ( oba) z FRST.

Spikl · #14 Příspěvek od **Spikl** » 05 bře 2017 17:23

Log FRTS se neobjevil (prázdný text.dokument). Vkládám zatím pouze Addition log a frts bude následovat.
Díky

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2017
Ran by Dios (05-03-2017 17:16:03)
Running from C:\Users\Dios\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-15 07:12:12)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2675517426-136286855-1641891982-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2675517426-136286855-1641891982-503 - Limited - Disabled)
Dios (S-1-5-21-2675517426-136286855-1641891982-1001 - Administrator - Enabled) => C:\Users\Dios
Guest (S-1-5-21-2675517426-136286855-1641891982-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2675517426-136286855-1641891982-1007 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security (Disabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.2 - )
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2014 (HKLM-x32\...\{23E55F00-CE7A-4860-AF2A-69F3A5F8E54A}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bentley View V8i (SELECTseries 3) 08.11.09.459 (HKLM-x32\...\{ED98991E-E69D-44E1-828F-3F1C23FD95E0}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Build Trial Package (HKLM-x32\...\{09A9CD6B-8C7B-43C1-B05D-02087226EA41}) (Version: 1.4.0 - Software Imaging)
Business Functions (HKLM-x32\...\Business Functions_is1) (Version: - Business Functions Ltd)
C310 (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Canon MF Toolbox 4.9.1.1.mf12 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf12 - CANON INC.)
Canon MF5900 Series (HKLM\...\{47C39213-7CE2-4eb0-A112-11671C0072A0}) (Version: 3.9.0.0 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
Cortona3D Viewer (HKLM\...\{DEACDFFA-D424-416F-B849-FA282F55B2CE}) (Version: 7.0.188 - ParallelGraphics)
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
DIY DataRecovery CHK-Mate (HKLM-x32\...\CHK-Mate_is1) (Version: 1.0 - DIY DataRecovery.nl)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DraftSight x64 (HKLM\...\{18D88174-BDBF-4BBF-B05C-3C75F609E44A}) (Version: 12.1.1077 - Dassault Systemes)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.101 - EasternGraphics)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 17.101 (20170201_17) - CÍGLER SOFTWARE, a.s.)
Elevated Installer (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Firebird 1.5.5 (HKLM-x32\...\FBDBServer_1_5_is1) (Version: - Firebird Project)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{5BAA8884-F661-464B-B5B2-5C6C632BFC21}) (Version: 7.1.4.1529 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LaserJet 400 MFP M425 (HKLM-x32\...\{568705AA-DD8A-4134-B8B9-9609721FBBCE}) (Version: 15.0.15188.1460 - Hewlett-Packard)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP Photo Creations (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP)
HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{4E484899-4F93-4086-88BA-56BDDF47A776}) (Version: 14.0 - HP)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{6B5E7B4F-64A2-4DEB-B210-0DD92F940A01}) (Version: 3.0.3.9925 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP SoftPaq Download Manager (HKLM-x32\...\{FE465061-894A-4023-8580-56FCDD4F23F9}) (Version: 3.4.4.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.50.9 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.5.32.203 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM425DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPDXP (x32 Version: 3.0.26.11 - HP) Hidden
HPLaserJet400MFP-M425_HelpLearnCenter_SI (HKLM-x32\...\{55D8D1AB-94C2-498F-A165-608B834A30EA}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (x32 Version: 140.069.007 - HP) Hidden
HPLJUTCore (x32 Version: 014.000.0001 - HP) Hidden
HPLJUTM425 (x32 Version: 3.00.0003 - HP) Hidden
hppFaxDrvM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppFaxDrvM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM425LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppSendFaxM425 (x32 Version: 004.000.00001 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM425 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
iCloud (HKLM\...\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}) (Version: 6.1.2.13 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Incomedia WebSite X5 v11 - Home (HKLM-x32\...\{C5743DB8-7BDF-47D3-8D41-0BBD487B48A1}_is1) (Version: 11.0.6.27 - Incomedia s.r.l.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation)
InterBase 6 Client Open Edition - 6.0.2.0 (HKLM-x32\...\InterBase 6 Client Open Edition - 6.0.2.0) (Version: - InterBase Installation Info)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
iPhone Converter version 1.3.2.0 (HKLM\...\{B27852AB-618E-4879-AEBF-D183F25543E8}_is1) (Version: - )
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Knihovna TurboFLOORPLANu (HKLM-x32\...\TurboFloorPlan-5.0.0) (Version: 5.0 - Špinar software s.r.o.)
KROSplus (HKLM-x32\...\{5553C7DB-998F-4029-9E7E-F323A326C4B8}) (Version: 13.00 - KROS a.s.)
Licenční server verze 3.002 (HKLM-x32\...\Licenční server verze 3.002) (Version: - )
LJDXPHelperUI (x32 Version: 140.069.007 - HP) Hidden
Magic Academy 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft CAPICOM 2.1.0.2 SDK (HKLM-x32\...\{2FF43F5D-5729-4E02-A548-310E30A5F29B}) (Version: 2.1.0.2 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Project Professional 2003 (HKLM-x32\...\{903B0405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mobipocket Creator 4.2 (HKLM-x32\...\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}) (Version: 4.2.41 - Mobipocket.com)
Mobipocket Reader 6.2 (HKLM-x32\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 51.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 cs)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
NemKalk 7.13 (HKLM-x32\...\NemKalk7_is1) (Version: - )
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nitro Pro 8 (HKLM\...\{522D6D76-B109-4C83-BA3C-D26D08391EBC}) (Version: 8.0.10.7 - Nitro)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.9.0.71 - Symantec Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
pCon.planner STD (64 bit) (HKLM\...\{6DDB6C07-B345-4B5F-B573-EE9DAEEB328C}) (Version: 7.3.0.104 - EasternGraphics)
PČS SmartClient (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ee485056d1c5a354) (Version: 2.1.9.10 - Pojišťovna České spořitelny)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.33 - PDF Complete, Inc)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.316.1 - Tracker Software Products Ltd)
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.199.199.0 - Tracker Software Products Ltd)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Poker at bet365 (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\bet365poker) (Version: - )
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poradce, verze 1.38/1 (HKLM-x32\...\Hledik - Poradce) (Version: 1.38/1 - )
PS_AIO_07_C310_SW_Min (x32 Version: 140.0.304.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden
RTS Stavitel+ 2014 (HKLM-x32\...\RTS Stavitel+_is1) (Version: - )
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Simulace_PCS (HKLM-x32\...\{FA632E53-37C3-44E4-BAE7-AEC897066D98}) (Version: 1.0.0 - Microsoft)
SketchUp 8 (HKLM-x32\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SmartMaps OCX pro Money S3, verze 2.0.2.5 (HKLM-x32\...\OCXMaps_is1) (Version: 2.0.2.5 - PLANstudio s.r.o.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
SpellForce (HKLM-x32\...\SpellForce) (Version: SpellForce v1.52 - JoWooD Productions Software AG)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Total Uninstall 6.14.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.14.0 - Gavrila Martau)
TP-LINK Wireless Client Utility (HKLM-x32\...\{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}) (Version: 7.0 - TP-LINK)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TurboFloorPlan 3D Home and Landscape Pro 2015 (HKLM-x32\...\{0BD6EB74-8B4F-4D3A-89B6-3F6CDEB024E0}) (Version: 17.5.5 - IMSI Design, LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{61D3AB5C-02B5-47FC-906A-C49A0954C7C6}) (Version: 4.3.126.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{c77bad57-f913-4ac3-9061-6dfd6c0aa40a}) (Version: 1.3.0.16 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.0.16 - Western Digital Technologies, Inc.) Hidden
WD Quick View (HKLM-x32\...\{D5DEF2D5-FE04-484D-A6C9-2A105443F56A}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{72fda14f-5a07-49d5-b7f7-202377e9b522}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\WhatsApp) (Version: 0.2.936 - WhatsApp)
WildTangent Games App for HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
World Cup Cricket 20-20 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{6614FE97-812C-4B8B-AD6F-83D07279BF02}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-2675517426-136286855-1641891982-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D14F5E4-34D1-4B83-9EBA-076F63DA92EC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {106E7DD4-E989-4692-8C55-5BBD2F763B40} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {11CD153F-E397-42E8-A7B0-10FAE7C11B2C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {13AC7145-1FBA-46A7-A3A9-C97140E8677A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {19DBF2CF-532C-4BDE-B83D-96A86004AEC5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1CF937A7-D431-4525-A15C-B73D4FDEF5D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-09] (Google Inc.)
Task: {1FDB43C4-6513-4AFC-AD54-9DDD0CFCA801} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
Task: {21648002-EF6B-4979-AFB9-4E42A76800E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {2397CEB9-5D33-42A2-9054-38AB725F53C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {28C80EA7-8FB6-47D6-9357-2F0951D02257} - System32\Tasks\{EF787000-3D6D-4AE4-BEE9-9052554AC2C3} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {28FDF4E0-7377-419E-BB38-80438399D8B9} - System32\Tasks\{EE6F22C5-F4D1-4C67-9E35-791420DD6AA0} => pcalua.exe -a C:\Users\Dios\Downloads\money-s3-15001-cz.exe
Task: {2A14E61F-A20C-454D-8EAB-31EBAC488FE3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {2BC2DF81-B4CB-4D10-A2EB-D15B5C47C91F} - System32\Tasks\{FE3F8665-DAE0-4E76-B886-ACC0EAAB75FB} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {2CC8864E-8C66-45D9-858F-377810887C2A} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {2D9BAFA4-EFE4-44AA-A2B8-DDF5C072EDAA} - System32\Tasks\{58F91570-BD51-4FA2-8CE0-39BAFF42BD10} => pcalua.exe -a C:\Users\Dios\Downloads\KROS\setup.exe -d C:\Users\Dios\Downloads\KROS
Task: {2DCD9098-44E9-4E30-B5C4-ACF669EE1AD1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {2E46169E-0629-4BA9-BC81-5E8195E25116} - System32\Tasks\{C2E35031-C64B-4A5E-8CC9-BEF6E2FAD49B} => pcalua.exe -a C:\Users\Dios\Downloads\lhm.exe -d C:\Users\Dios\Downloads
Task: {2EB7BB99-4969-4C42-9D95-F35ACA0AB939} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3FEBE1CC-4573-4376-AE0E-B5E1C6545F44} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-wintip77@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {44301198-A6A4-40F8-AA1C-1CA5DB4FE74E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {453A5020-823E-4BDC-AF4E-5F06EB0AA7F6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {48CEFDD3-610C-4EC9-ADA5-7B4FDDA0F57F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {4926A6CF-84ED-42B1-B37B-4C9D50F95633} - System32\Tasks\{11E919B2-5102-4BBB-8FE1-18624ACE226F} => pcalua.exe -a "C:\Program Files\Kooperativa\Isos\Isos.exe" -d "C:\Program Files\Kooperativa\Isos"
Task: {4CA41BB2-25BD-4C62-8CF7-D4A37FC2CD55} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-01] (Adobe Systems Incorporated)
Task: {53C6A5A5-C9F0-4450-A84C-B8A379CF9F83} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {543BF91C-250C-4DA8-9180-692E914C7A95} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5B3C61DB-82EF-4C41-B146-F70F7614C9FF} - System32\Tasks\{937AA0AD-51E2-42F1-AE16-88C6D955819C} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {5C501CBF-C134-4AB3-9C12-EF945C9DD8CB} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {617236B5-E2D1-4937-8F2C-561FC673DC46} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {68E0BF27-F7C4-43F4-94C3-2AEAFAD659A3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {73A0A03A-E7C8-4260-8714-7CCE42763C8F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {759DC2FE-59D0-449E-9D0D-1197160407BE} - System32\Tasks\{697CE3AF-4540-465F-B96D-5A33DEFA1F4E} => pcalua.exe -a C:\Users\Dios\Downloads\KoopP7BNExtern(1).exe -d C:\Users\Dios\Downloads
Task: {77539CF2-CB8F-401F-B9FA-D1BD30F8ED4E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {81A6567A-DDCA-4B5A-A18C-3E9AAC439B9A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-02-10] (HP Inc.)
Task: {8448FD24-8653-446F-8CCC-1793C2FF091D} - System32\Tasks\{B3B1FFFB-DC50-44A3-9C1E-827F3A87E88E} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {8C00EF0D-FA6C-4CE0-AC32-84BF692B83F9} - System32\Tasks\{B0ED6832-3EA1-43CA-894A-3F21177A2A2B} => pcalua.exe -a "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\WebSetup.exe" -d "C:\Users\Public\Documents\CIGLER SOFTWARE\Money S3\Data\WebSetup\"
Task: {92DCA977-47C4-4B0A-9528-588FB1BEBB9A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {948DCE32-8B90-46CC-99B6-CA99C995E405} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {94D846E5-1A3A-49CD-A43D-A8BBDEF241D0} - System32\Tasks\{189E6F36-CE0A-4B3C-86BD-0E4A5A2CF7A0} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {9AD13E91-0E20-4A99-9FDF-230FFC79ECD8} - System32\Tasks\{5D495734-0F2B-4248-B3E0-D9B7FF99922A} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDFThumbnailHelper.exe [2012-12-13] (Nitro PDF)
Task: {9FFC5797-49EF-4C66-B38B-69C317D136B5} - System32\Tasks\{F48DC0B4-6AB4-47A0-8771-94549BFDD3F5} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {A07A9045-DDA5-4532-ADA1-BC67BC10D910} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A87A1EE4-83C5-4971-910B-3722E134C230} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {A9E776EA-59B6-42BF-9383-2F7A0AB7BA04} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\WSCStub.exe [2017-02-20] (Symantec Corporation)
Task: {ACF8DCC0-3C7F-4E63-B707-A899AC15629F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2016-01-18] (Tracker Software Products (Canada) Ltd.)
Task: {AF250386-88B7-4599-883D-F226BEEBE6E2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {B08AEDE6-9E56-482C-B72E-E9308E29C1D3} - System32\Tasks\{1BFED272-CEE7-4749-97E7-F084335F0742} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {B220650D-6D58-4A0D-B5AA-CA7E8C3B2A0E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-01-17] (Apple Inc.)
Task: {B4485AC6-7356-446F-9E04-7C080A4AD350} - System32\Tasks\{C3CEA077-CE2A-4AD7-8BA1-456456B2A88E} => pcalua.exe -a "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\uninst.exe" -d "C:\Program Files (x86)\Alcohol Soft\Alcohol 52"
Task: {B474D138-49BD-4920-B44F-19A5974E7197} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B8F13DFF-7CDD-4E7D-BE1A-80EA1BE1A15B} - System32\Tasks\HPCeeScheduleForDios => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {B953CB77-4E6B-477B-8D63-6B0DCE9123C0} - System32\Tasks\{9BBE0796-780A-4AAE-B2BE-1C98851546B0} => pcalua.exe -a C:\Users\Dios\Downloads\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {BF01B1F0-5900-42E6-AF12-D4D18461CB6F} - System32\Tasks\{A3948E18-38A2-4928-9087-46697B834183} => C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe [2012-12-13] (Nitro PDF)
Task: {BFBD1FB1-9F3C-4DA7-BFBA-ABF11B1B09C6} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {C028799B-C998-4A85-8F4E-D6CE375967FE} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {C1AFC45C-7C97-45D5-939F-E43B04C598AF} - System32\Tasks\{BB051987-A088-4E1F-842C-5A0DC6BEF7A0} => C:\Program Files (x86)\CgmBetSystems\CgmBets.exe
Task: {CAC31A8E-DF7D-46F1-896D-A2DF6CB6F688} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {D0E6AE5E-3816-4E21-ABC9-6FBB167A77AD} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D43C9CCB-0FD8-4FCB-A60B-E1BF2CAB3C7B} - System32\Tasks\{1E699CF4-E78B-4C3D-BFDC-A8DBEA7BB5C9} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {D449143A-6252-42C8-98FF-3D4E9513DC03} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2017-02-20] (Symantec Corporation)
Task: {D515AFB1-1FE7-4F28-B472-58C498C9BF7D} - System32\Tasks\{1DC39F61-91E6-4776-B509-ED13DD51BBAD} => pcalua.exe -a C:\Users\Dios\Downloads\Hamachi-1.0.1.5.exe -d C:\Users\Dios\Downloads
Task: {DB3803A4-CC04-4FEB-980F-1B2AF403C1D3} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {DBCA48B7-C3C3-42EE-997A-6D1B6BDB3096} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E07D6744-D2D2-4698-BB63-4B33446981A2} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-25] ()
Task: {E096A7F9-FD4E-4A4C-9D88-76632BA6DE08} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {E3B7BFE2-5312-4561-B5BB-72046D814703} - System32\Tasks\{6030F4DE-A10B-409D-9B44-05E0D1AE28E4} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {ED832A5F-631C-484C-BD26-FA1D8318DFA2} - System32\Tasks\{2E49A9EB-3280-4B40-A217-E2C09E93F899} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {F08D3DE8-1186-419E-A12F-D8B945111A52} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-01-16] ()
Task: {F1D62EFA-C438-4A47-89DE-FAD6AEB2784E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {F794CEE7-3B12-43FB-B0E4-C438A8C9E799} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\SymErr.exe [2017-02-07] (Symantec Corporation)
Task: {FC6FA7D2-B87F-461D-A0DD-FA86C0AD12CA} - System32\Tasks\{059E4574-2046-4A5F-B5AE-4BE5372B4716} => C:\Program Files (x86)\KROSplus\KROSplus.exe [2014-06-13] (KROS a.s.)
Task: {FD2F0EAA-DEC4-4B2D-B250-91A6FB0BAE7E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDios.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\JoWooD Homepage.lnk -> hxxp://www.jowood.co
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce - Platinum Edition Homepage.lnk -> hxxp://spellforce.jowood.com/?rid=1221&lang=e
Shortcut: C:\Users\Dios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD\SpellForce - Platinum Edition\SpellForce Forum.lnk -> hxxp://spellforce.jowood.com/forum

==================== Loaded Modules (Whitelisted) ==============

2015-10-12 12:59 - 2012-09-29 12:25 - 00409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2013-10-02 11:36 - 2012-12-07 10:42 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1120PP.DLL
2012-05-03 09:40 - 2012-09-29 12:25 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 01469856 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
2016-09-02 06:37 - 2014-12-11 10:24 - 00076584 _____ () C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
2017-03-03 08:56 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-03 08:56 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-15 09:11 - 2016-09-15 09:11 - 00959168 _____ () C:\Users\Dios\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-12-15 08:20 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-15 07:52 - 2016-09-15 07:52 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 11:59 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 11:58 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 11:58 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 11:58 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-09-16 19:27 - 2012-09-30 12:00 - 03076512 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
2017-03-02 07:04 - 2017-03-02 07:06 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 07:04 - 2017-03-02 07:06 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-07 13:39 - 2016-06-07 13:41 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 07:04 - 2017-03-02 07:06 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-04 07:40 - 2016-03-04 07:42 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-09-16 19:27 - 2011-10-11 12:00 - 00045056 _____ () C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\Mtp32.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-02-07 12:21 - 2014-10-31 16:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2017-02-07 12:21 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\ppe.cz -> hxxps://www.ppe.cz
IE trusted site: HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\servis24.cz -> hxxps://www.servis24.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-03-03 06:49 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dios\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: 602XML Updater => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dios^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk => C:\windows\pss\Kooperativa - PDF Server.lnk.Startup
MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "AthBtTray"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SFAUpdater"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "NUSB3MON"
HKLM\...\StartupApproved\Run32: => "Tmobile_Czech Estoril ModemListener"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{0BC50696-A532-4D6E-927C-6AF387D98BB5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5E1B9ABA-C53E-4023-A5C6-41E4E82E5DA2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BE61E9F3-D8B9-4595-9B25-A28F831BF78D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0DB3444C-177A-4A09-A5B6-03E96F9CF71F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9A8536AC-8E2A-4703-A928-96A7EE35A2A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{615CDE9A-4762-467C-A13B-F9D4042F1CF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{540AFD97-B033-47BE-B751-5950FC568776}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2DB7AF22-2457-4032-ACFC-D93728FEEA0B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{B6AF7F7D-C636-4AB2-A251-04ADFD3B7A60}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{4A1A6B8A-F5B4-4928-8851-F7F28DF643E8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{3D63E791-3AA1-4099-B434-CBBEE191D316}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{81CAFB65-7BA1-4297-99B1-107F3AE42E8D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{096858B8-6DC5-46F1-840F-BEB3E40E59C3}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{DE23D481-FE65-4B52-BCA7-EEB6B0C3728C}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{D598719A-B177-4E28-892C-878CBBAE11E9}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{ACCFD7FB-1587-479D-AB4F-5EDF0153501A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{EB59E3EC-49F9-4D68-AB8A-EAD9708DF1BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{8058241D-9DBD-4A4B-9614-4472DB73EE45}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{D615243A-5072-4E99-A51C-1FF41EA3A7EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{45390CF1-7620-438D-95C8-5F1A123795A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{55FEE721-9CAF-4CA0-8992-B7111C8140A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{12420971-C9FB-489B-9839-6DC57444C75C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{24F71D6E-8E23-4582-8440-DD7DB596CD6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1F4C35B0-7A96-45C9-BBCF-0549AA0514BF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{916A2433-703D-4CF9-B412-4D3ADA0619E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8F626E39-DFAD-4EBC-94AC-7D47A6AA65FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{A390EEFF-C960-4853-9F79-EC6D2C5AB6D1}] => (Allow) G:\setup\hpznui40.exe
FirewallRules: [{384A3614-750B-4805-83CC-B6569C7F7B53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C3324F8-73A8-4125-BDAF-6AD490A4BDF4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E4C564C-2A35-44E5-9422-DF9411373FC8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{035113F2-39A1-49A0-AF50-0097DFFD49B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B74A65B5-E411-4E48-83C1-C2ABCDDBCAC3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{915EDE72-61AA-4668-B29E-D43DBEEF312E}] => (Allow) LPort=1900
FirewallRules: [{E8D16D2C-1296-483B-AAFD-4CD58A6DCB27}] => (Allow) LPort=2869
FirewallRules: [{26BF4BD7-019E-4B1F-8E41-CAB70586A44A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B537BC04-32E5-4EC1-8C25-F988A09ED77E}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{6201D615-F4BE-403C-A61D-49B069FE9C96}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{7EFD56E7-D8E0-48E8-AF32-14290E96D86F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{B14C08F5-9E4D-473D-B914-36518E83CF6F}] => (Allow) C:\Program Files (x86)\CIGLER SOFTWARE\Money S3\MonS3.exe
FirewallRules: [{80606333-A321-4B7A-B7B1-16FF85C8D084}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D8527A8-3BE0-49E4-826F-57893F9D556A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E9445BE-F188-4065-A150-4C02E8CB1C1F}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{BDE595B0-9B7F-4A90-9239-F368946CD6D6}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{84F0E771-AD35-420B-B56D-A115A642BE1C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5C4C34A9-7F88-4782-BCE6-243AAF7382AD}] => (Block) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Restore Points =========================

11-02-2017 09:48:31 Naplánovaný kontrolní bod
18-02-2017 12:56:35 Naplánovaný kontrolní bod
23-02-2017 10:51:58 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/04/2017 08:30:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16109

Error: (03/04/2017 08:30:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16109

Error: (03/04/2017 08:30:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/04/2017 01:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3953

Error: (03/04/2017 01:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3953

Error: (03/04/2017 01:27:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/04/2017 10:46:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/04/2017 08:55:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudPhotos.exe, verze: 105.0.0.178, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudPhotos_main.dll, verze: 105.0.0.178, časové razítko: 0x587e691b
Kód výjimky: 0xc0000005
Posun chyby: 0x000f48bc
ID chybujícího procesu: 0x1e18
Čas spuštění chybující aplikace: 0x01d294bca104e2bd
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos_main.dll
ID zprávy: 6e611bb2-8959-47c3-91a2-58e6ed6413cd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/03/2017 11:06:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SPIKL)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/03/2017 10:58:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudDrive.exe, verze: 1.6.10.167, časové razítko: 0x58791a03
Název chybujícího modulu: iCloudDrive_main.dll, verze: 1.6.10.167, časové razítko: 0x587e6920
Kód výjimky: 0xc0000005
Posun chyby: 0x0010025c
ID chybujícího procesu: 0x1148
Čas spuštění chybující aplikace: 0x01d29469098f2185
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive_main.dll
ID zprávy: a45a2865-0489-499d-a4d4-2df0a6a2e1ec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (03/05/2017 12:54:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.

Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.

Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.

Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.

Error: (03/04/2017 01:27:24 PM) (Source: cdrom) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\CdRom1.

Error: (03/04/2017 08:54:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2017 11:06:41 PM) (Source: DCOM) (EventID: 10010) (User: SPIKL)
Description: Server App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/03/2017 11:00:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (03/03/2017 11:00:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

CodeIntegrity:
===================================
Date: 2017-01-20 10:00:17.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 10:00:15.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 10:00:11.629
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 10:00:07.323
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:21.812
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:14.880
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:14.010
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:13.462
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:13.126
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 09:58:13.007
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 63%
Total physical RAM: 4030.36 MB
Available physical RAM: 1470.02 MB
Total Virtual: 8126.36 MB
Available Virtual: 3969.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:573.86 GB) (Free:20.38 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.12 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: C2E30232)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=573.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End of Addition.txt ============================

Spikl · #15 Příspěvek od **Spikl** » 05 bře 2017 17:28

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
Ran by Dios (administrator) on SPIKL (05-03-2017 17:24:57)
Running from C:\Users\Dios\Desktop
Loaded Profiles: Dios (Available Profiles: Dios & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
() C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe
() C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
Failed to access process -> backgroundTaskHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\conathst.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-07] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2015-05-20] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [NetLockMngr] => C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTMngr.exe [3076512 2012-09-30] ()
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Tmobile_Czech Estoril ModemListener] => C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [159016 2014-12-11] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [322352 2014-08-09] (BitTorrent, Inc.)
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\buShell.dll [2017-02-07] (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{010225A0-1DFD-CB3D-7CBF-F81DEAD6A5B5}: [NameServer] 62.141.0.1 213.162.65.1
Tcpip\..\Interfaces\{010225A2-1DFD-CB3D-7CBF-F81DEAD6A5B5}: [NameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{20adc871-8488-4412-9121-2b7c6725d838}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{278401da-e960-4b4c-bcbc-f939ebbd7fd9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3b5a714d-352b-4aad-8581-cff6782c3e01}: [DhcpNameServer] 192.168.9.1 192.168.9.1
Tcpip\..\Interfaces\{44da3733-12ea-4092-ab15-cb3b918a7993}: [NameServer] 192.168.100.1,8.8.8.8
Tcpip\..\Interfaces\{c202a2a1-8152-4b98-9159-127249dde237}: [DhcpNameServer] 10.0.28.1
Tcpip\..\Interfaces\{d4f80e1b-eb6c-4a5f-a082-7407669bd57a}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2675517426-136286855-1641891982-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-09] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: PDFXChange 4.0 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} -> C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27] (Tracker Software Products Ltd.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07] (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-09] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\coIEPlg.dll [2017-02-20] (Symantec Corporation)
Toolbar: HKLM-x32 - PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-27] (Tracker Software Products Ltd.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.9.0.71\coIEPlg.dll [2017-02-07] (Symantec Corporation)

FireFox:
========
FF DefaultProfile: h0iijypa.default-1414995702743
FF ProfilePath: C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743 [2017-03-05]
FF Homepage: Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743 -> hxxps://www.seznam.cz/
FF Extension: (iCloud Bookmarks) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\Extensions\firefoxdav@icloud.com [2016-10-20]
FF Extension: (QuickJava) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-10-10]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\features\{7a9acee5-4637-43f6-a7bf-c902825e3863}\disableSHA1rollout@mozilla.org.xpi [2017-03-03]
FF SearchPlugin: C:\Users\Dios\AppData\Roaming\Mozilla\Firefox\Profiles\h0iijypa.default-1414995702743\searchplugins\firmycz.xml [2015-06-16]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon [2017-02-09]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.8.0.50\coFFAddon
FF HKU\S-1-5-21-2675517426-136286855-1641891982-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-03-01] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-06-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-06-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-01] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll [2011-11-28] (ParallelGraphics)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Dios\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-04] (RocketLife, LLP)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-08-06] ()
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @servis24.cz/PKIComponent -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2016-12-01] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-2675517426-136286855-1641891982-1001: @servis24.cz/PKIComponent-x64 -> C:\Users\Dios\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2014-10-01] (Česká spořitelna, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-17] (Apple Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default [2017-03-03]
CHR Extension: (Prezentace Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-13]
CHR Extension: (Dokumenty Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13]
CHR Extension: (Disk Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-13]
CHR Extension: (YouTube) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-05]
CHR Extension: (Tabulky Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-13]
CHR Extension: (Norton Identity Safe) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-05]
CHR Extension: (Norton Security Toolbar) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-04-10]
CHR Extension: (Peněženka Google) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR Extension: (Gmail) - C:\Users\Dios\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-25]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\Exts\Chrome.crx [2017-02-25]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-07] (Atheros) [File not signed]
S3 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2014-03-14] (Dassault Systèmes) [File not signed]
S3 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project) [File not signed]
S3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
S3 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
S3 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.9.0.71\NIS.exe [326160 2017-02-21] (Symantec Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
S3 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 SWLckServer; C:\Program Files (x86)\CIGLER SOFTWARE\NetLicence\CSW_NetSWKeyNTService.exe [1469856 2012-09-30] () [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-03] (Synaptics Incorporated)
R2 Tmobile_Czech Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [76584 2014-12-11] ()
S3 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-05-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 xmengine service; C:\windows\SysWOW64\xmesrv.exe [34696 2009-10-09] (Monet+, a.s.)
S3 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\WINDOWS\system32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\BASHDefs\20170301.003\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NISx64\1609000.047\ccSetx64.sys [174240 2017-02-07] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-26] (Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [139632 2015-11-04] (Gemalto)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\IPSDefs\20170303.001\IDSvia64.sys [1038024 2017-02-08] (Symantec Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-03] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-03] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-03] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-05] (Malwarebytes)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 ROCKEYNT; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [36904 2013-12-04] (Feitian Technologies Co., Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-03] (Synaptics Incorporated)
U5 SNP2UVC; C:\Windows\System32\Drivers\SNP2UVC.sys [2668424 2015-12-10] ()
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2530920 2015-12-21] (Sonix Tech. Co., Ltd.)
R3 SRTSP; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SRTSP64.SYS [760992 2017-02-07] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NISx64\1609000.047\SRTSPX64.SYS [49312 2017-02-07] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SYMEFASI64.SYS [1716896 2017-02-07] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NISx64\1609000.047\SymELAM.sys [24616 2017-02-07] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-02-09] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NISx64\1609000.047\Ironx64.SYS [291480 2017-02-07] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NISx64\1609000.047\SYMNETS.SYS [567512 2017-02-07] (Symantec Corporation)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [36736 2013-02-08] (The OpenVPN Project) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170120.016\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-05 17:20 - 2017-03-05 17:24 - 00032388 _____ C:\Users\Dios\Desktop\FRST.txt
2017-03-05 17:17 - 2017-03-05 17:17 - 00057667 _____ C:\Users\Dios\Desktop\FRST3.txt
2017-03-05 17:16 - 2017-03-05 17:20 - 00070809 _____ C:\Users\Dios\Desktop\Addition.txt
2017-03-05 17:08 - 2017-03-05 17:08 - 00112640 _____ (forum.viry.cz) C:\Users\Dios\Downloads\FRSTLauncher.exe
2017-03-04 19:22 - 2017-03-05 13:16 - 1937712468 _____ C:\Users\Dios\Downloads\Doctor.Strange.2016.BRRip.XviD.AC3.CZ-AsiToBudePiRaTE.avi
2017-03-03 16:03 - 2017-03-03 16:03 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\21BE4EFF.sys
2017-03-03 16:01 - 2017-03-03 16:02 - 00278528 _____ C:\Users\Dios\Desktop\1. Oceňovací podklady.xls
2017-03-03 12:26 - 2017-03-03 12:26 - 00332520 _____ C:\Users\Dios\Downloads\dokument(12).PDF
2017-03-03 12:23 - 2017-03-03 12:24 - 00307061 _____ C:\Users\Dios\Downloads\dokument(11).PDF
2017-03-03 12:22 - 2017-03-03 12:22 - 00317507 _____ C:\Users\Dios\Downloads\dokument(10).PDF
2017-03-03 12:21 - 2017-03-03 12:21 - 00317507 _____ C:\Users\Dios\Downloads\dokument(9).PDF
2017-03-03 12:05 - 2017-03-03 12:05 - 03011107 _____ C:\Users\Dios\Downloads\vysvetleni-zmena c.1.pdf
2017-03-03 12:02 - 2017-03-03 12:02 - 04376858 _____ C:\Users\Dios\Downloads\prilohy ke změně c. 2.zip
2017-03-03 12:01 - 2017-03-03 12:05 - 00211915 _____ C:\Users\Dios\Downloads\zmena ZD c. 2.pdf
2017-03-03 11:59 - 2017-03-03 11:59 - 01237987 _____ C:\Users\Dios\Downloads\přiloha c. 5.2. ZD - VV.zip
2017-03-03 11:57 - 2017-03-03 11:58 - 49832748 _____ C:\Users\Dios\Downloads\priloha c. 5.1. ZD - 2.cast.zip
2017-03-03 11:55 - 2017-03-03 11:55 - 49984449 _____ C:\Users\Dios\Downloads\priloha c. 5.1. ZD - 1.cast.zip
2017-03-03 11:54 - 2017-03-03 11:54 - 01103395 _____ C:\Users\Dios\Downloads\priloha c. 4 SOD Postup vystavby.zip
2017-03-03 11:52 - 2017-03-03 14:10 - 00000000 ____D C:\Users\Dios\Desktop\UPOL_rekonstrukce areálových komunikací
2017-03-03 11:46 - 2017-03-03 11:47 - 00396895 _____ C:\Users\Dios\Downloads\ZD_, KV(1).pdf
2017-03-03 08:58 - 2017-03-03 22:57 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-03 08:57 - 2017-03-05 14:23 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-03 08:57 - 2017-03-03 22:56 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-03 08:57 - 2017-03-03 22:56 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-03 08:57 - 2017-03-03 22:56 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-03 08:56 - 2017-03-03 08:56 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-03 08:56 - 2017-03-03 08:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-03 08:56 - 2017-03-03 08:56 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-03 08:56 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-02 12:25 - 2017-03-02 12:25 - 00396895 _____ C:\Users\Dios\Downloads\ZD_, KV.pdf
2017-03-02 12:13 - 2017-03-05 17:09 - 02423808 ____C (Farbar) C:\Users\Dios\Desktop\FRST64.exe
2017-03-02 11:44 - 2017-03-02 11:44 - 00004988 _____ C:\Users\Dios\Documents\cc_20170302_114428.reg
2017-03-02 11:40 - 2017-03-02 11:40 - 00007818 _____ C:\Users\Dios\Documents\cc_20170302_114032.reg
2017-03-02 10:55 - 2017-03-02 10:55 - 00050618 _____ C:\Users\Dios\Documents\cc_20170302_105551.reg
2017-03-02 10:22 - 2017-03-02 10:23 - 00000000 ____D C:\Program Files\CCleaner
2017-03-02 10:22 - 2017-03-02 10:22 - 00002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-03-02 10:22 - 2017-03-02 10:22 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-03-02 10:22 - 2017-03-02 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-02 10:17 - 2017-03-02 10:17 - 00000000 ____D C:\Users\Dios\Downloads\CCleaner Professional & Business Edition v5.27.5976 (2017)(CZ,SK)
2017-03-02 07:03 - 2017-03-02 07:03 - 00001607 _____ C:\Users\Dios\Desktop\Platby_MPxVC_2017.lnk
2017-02-28 14:56 - 2017-02-28 14:56 - 00022920 _____ C:\Users\Dios\Downloads\cee-19981008_Novy_Matej.pdf
2017-02-28 14:49 - 2017-02-28 14:49 - 00000244 _____ C:\Users\Dios\Desktop\Práce ve výškách - SingingRock Outlet.URL
2017-02-28 14:17 - 2017-02-28 14:17 - 00114517 _____ C:\Users\Dios\Downloads\5556_1.pdf
2017-02-28 11:09 - 2017-02-28 11:09 - 00000000 ____D C:\Program Files\NortonInstaller
2017-02-28 10:43 - 2017-02-28 10:43 - 00072374 _____ C:\Users\Dios\Downloads\IrwPrintShoppingList.pdf
2017-02-27 12:45 - 2017-02-27 12:45 - 00153229 _____ C:\Users\Dios\Downloads\SC_CC_15x15_FY17_cz.pdf
2017-02-27 07:08 - 2017-02-27 07:20 - 00000000 ____D C:\Users\Dios\Downloads\Nocturnal.Animals.2016.BRRip.XviD.AC3.CZ-PiRaTE
2017-02-26 13:07 - 2017-02-26 13:07 - 00003404 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-02-25 20:39 - 2017-02-27 06:41 - 2971028847 _____ C:\Users\Dios\Downloads\Fantastická zvířata a kde je najít.mkv
2017-02-23 10:54 - 2017-02-23 10:54 - 00201881 _____ C:\Users\Dios\Downloads\98432-1468912.pdf
2017-02-23 10:53 - 2017-02-23 10:53 - 01569675 _____ C:\Users\Dios\Downloads\98431-1529786_zadávací dokumentace.pdf
2017-02-23 10:53 - 2017-02-23 10:53 - 01569575 _____ C:\Users\Dios\Downloads\98431-1529786.pdf
2017-02-23 10:46 - 2017-02-23 10:46 - 02234269 _____ C:\Users\Dios\Downloads\97802-6936461.pdf
2017-02-23 10:43 - 2017-02-23 10:43 - 02197263 _____ C:\Users\Dios\Downloads\97801-5119059.pdf
2017-02-23 10:42 - 2017-02-23 10:42 - 02162545 _____ C:\Users\Dios\Downloads\97799-2870263.pdf
2017-02-23 10:41 - 2017-02-23 10:41 - 00184852 _____ C:\Users\Dios\Downloads\97797-8421441(1).pdf
2017-02-23 10:17 - 2017-02-23 10:17 - 00162192 _____ C:\Users\Dios\Downloads\97798-6613698.pdf
2017-02-23 08:42 - 2017-02-23 08:42 - 00189715 _____ C:\Users\Dios\Downloads\97797-8421441_Zápis o předání a převzetí staveniště.pdf
2017-02-23 08:42 - 2017-02-23 08:42 - 00184852 _____ C:\Users\Dios\Downloads\97797-8421441.pdf
2017-02-23 08:38 - 2017-02-23 08:38 - 06017067 _____ C:\Users\Dios\Downloads\97794-7355759.pdf
2017-02-23 08:37 - 2017-02-23 08:37 - 00018514 _____ C:\Users\Dios\Downloads\98428-2287615.pdf
2017-02-23 08:31 - 2017-02-23 08:34 - 00031232 _____ C:\Users\Dios\Desktop\2. Rozpočet ukazatele.xls
2017-02-21 09:56 - 2017-02-21 09:57 - 00214438 _____ C:\Users\Dios\Downloads\IF_5546_3.pdf
2017-02-21 07:15 - 2017-02-21 07:49 - 1369619519 _____ C:\Users\Dios\Downloads\The.Girl.On.The.Train.2016.WEB-DL.AVC.CZ-AsiToBudePiRaTE.mp4
2017-02-18 12:45 - 2017-02-18 13:11 - 1127147918 _____ C:\Users\Dios\Downloads\Prazdniny v Provence (2016).avi
2017-02-17 13:05 - 2017-02-17 13:05 - 00000303 _____ C:\Users\Dios\Desktop\PTservis.txt
2017-02-17 12:35 - 2017-02-20 10:28 - 00042464 _____ C:\Users\Dios\Desktop\V.O. Opavská_porovnání.xlsx
2017-02-17 12:09 - 2017-02-17 12:09 - 00567465 _____ C:\Users\Dios\Downloads\dodatecna_informace_c2-rybnik_lhota.pdf
2017-02-17 10:12 - 2017-02-17 10:12 - 00099681 _____ C:\Users\Dios\Downloads\dokument(8).pdf
2017-02-17 08:27 - 2017-02-17 08:43 - 1743691776 _____ C:\Users\Dios\Downloads\Bezva ženská na krku (2016) (CZ).avi
2017-02-15 12:52 - 2017-02-15 13:12 - 00026080 _____ C:\Users\Dios\Desktop\Kompostové hospodářství_sledování fakturace.xlsx
2017-02-15 07:47 - 2017-02-15 07:54 - 00000000 ____D C:\Users\Dios\Downloads\Deepwater.Horizon.2016.BRRip.XViD.AC3.CZ-S1LV3R
2017-02-14 11:43 - 2017-02-14 11:43 - 04897565 _____ C:\Users\Dios\Downloads\P r i k a z_s m l o u v a_T D S+a d m_f i n a l_2.pdf
2017-02-14 09:46 - 2017-02-14 09:46 - 00104675 _____ C:\Users\Dios\Downloads\příkazní na výkon TDS-zverej.pdf
2017-02-13 18:18 - 2017-02-13 19:38 - 1549791232 _____ C:\Users\Dios\Downloads\Zúčtování.avi
2017-02-13 14:33 - 2017-02-13 14:33 - 00818926 _____ C:\Users\Dios\Downloads\Ceník_Olomouc_2017.pdf
2017-02-13 14:32 - 2017-02-13 14:32 - 00123708 _____ C:\Users\Dios\Downloads\WWWCENIKSTEPANOV2015.pdf
2017-02-13 14:29 - 2017-02-13 14:29 - 00832521 _____ C:\Users\Dios\Downloads\Cenik_2016.pdf
2017-02-13 13:41 - 2017-02-13 13:41 - 00704994 _____ C:\Users\Dios\Downloads\00_Vyzva_rybnik_Lhota(1).pdf
2017-02-13 13:38 - 2017-02-13 13:38 - 00527670 _____ C:\Users\Dios\Downloads\egadup6mgutm7rctjiq3p5rpp0_1483009720_Oznámení o vyloučení uchazeče z výběrového řízení.pdf
2017-02-13 12:47 - 2017-02-13 12:47 - 00443149 _____ C:\Users\Dios\Downloads\splatky_bez_navyseni_pravidla(1).pdf
2017-02-12 20:26 - 2017-02-12 21:33 - 00000000 ____D C:\Users\Dios\Downloads\Povinnost a čest Act of Valor (2012)
2017-02-12 20:19 - 2017-02-12 21:48 - 766113532 _____ C:\Users\Dios\Downloads\Trollové.avi
2017-02-11 14:36 - 2017-02-11 16:16 - 1278392984 _____ C:\Users\Dios\Downloads\Musim te svest cz xvid-calibrum2.avi
2017-02-11 10:39 - 2017-02-15 13:35 - 00011465 _____ C:\Users\Dios\Desktop\Dovolená.xlsx
2017-02-11 10:27 - 2017-02-11 11:59 - 1932204032 _____ C:\Users\Dios\Downloads\Kobry a užovky.avi
2017-02-09 16:09 - 2017-02-09 17:12 - 1014570955 _____ C:\Users\Dios\Downloads\Avatar.avi
2017-02-09 14:21 - 2017-02-09 14:21 - 06111589 _____ C:\Users\Dios\Downloads\Úprava prostranství před Priorem.pdf
2017-02-09 13:16 - 2017-02-09 13:16 - 00443149 _____ C:\Users\Dios\Downloads\splatky_bez_navyseni_pravidla.pdf
2017-02-09 10:04 - 2017-02-09 10:08 - 00000000 ____D C:\Users\Dios\Downloads\Storks.2016.BRRip.XviD.AC3.CZ.SK-PiRaTE
2017-02-09 09:34 - 2017-03-03 23:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-02-09 09:19 - 2017-02-09 09:19 - 00666620 _____ C:\Users\Dios\Downloads\00_Vyzva_-_demolice_M5-L11-oprava.pdf
2017-02-09 09:04 - 2017-02-09 09:40 - 00000000 ____D C:\Users\Dios\Desktop\Hygienické zařízení-apresski
2017-02-08 14:38 - 2017-02-08 15:21 - 736397312 _____ C:\Users\Dios\Downloads\jpa.avi
2017-02-07 12:53 - 2017-02-07 13:13 - 00327680 _____ C:\Users\Dios\Desktop\UPOL_Výkaz výměr_rev2_2003_poptávka.xls
2017-02-07 12:32 - 2017-02-07 12:32 - 00000000 ____D C:\Users\Dios\Documents\Wondershare
2017-02-07 12:29 - 2017-02-07 12:29 - 00000000 ____D C:\ProgramData\Wondershare
2017-02-07 12:28 - 2017-02-07 12:28 - 00000000 ____D C:\Users\Dios\AppData\Roaming\HMYGSetting
2017-02-07 12:21 - 2017-02-07 12:21 - 00000000 ____D C:\Users\Dios\AppData\Local\Wondershare
2017-02-07 12:20 - 2017-03-02 07:24 - 00000000 ____D C:\Users\Dios\.android
2017-02-07 12:12 - 2017-02-07 12:25 - 00000000 ____D C:\Users\Dios\Downloads\Eye.in.the.Sky.2015.BRRip.XviD.AC3.CZ-Ex
2017-02-07 09:19 - 2017-02-07 09:19 - 00000000 ____D C:\Users\Dios\Downloads\Blood.Father.2016.BDRip.x264.CZ
2017-02-07 09:15 - 2017-02-07 09:15 - 00000000 ____D C:\Users\Dios\Downloads\Wondershare MobileTrans v7.4.6.429 Final + Serials
2017-02-07 08:31 - 2017-02-07 08:41 - 00314498 _____ C:\Users\Dios\Desktop\S.M. Olomouc - 04 Výkaz výměr_rev1 - porovnání.xlsx
2017-02-06 14:49 - 2017-02-06 14:49 - 01812343 _____ C:\Users\Dios\Downloads\3963_3483_239_2016_mikulicova.pdf
2017-02-06 14:47 - 2017-02-06 14:47 - 00213446 _____ C:\Users\Dios\Downloads\3997_oceneni_bytu.pdf
2017-02-06 12:41 - 2017-02-06 12:41 - 00105359 _____ C:\Users\Dios\Downloads\dokument(7).pdf
2017-02-06 09:46 - 2017-02-06 09:46 - 00019524 _____ C:\Users\Dios\Downloads\cee-19891002_Vcelik_Tomas.pdf
2017-02-06 09:13 - 2017-02-06 09:13 - 00496908 _____ C:\Users\Dios\Downloads\PGY-cenik-2016.pdf
2017-02-06 09:04 - 2017-02-06 09:05 - 00176915 _____ C:\Users\Dios\Downloads\Ceník-2016-platnost-od-1.4.2016.pdf
2017-02-06 08:32 - 2017-02-06 08:45 - 1506766848 _____ C:\Users\Dios\Downloads\Jesse Stone Ztracen v Paradise.avi
2017-02-04 19:00 - 2017-02-04 21:41 - 976465920 _____ C:\Users\Dios\Downloads\Máma mezi Marťany.avi
2017-02-03 16:06 - 2017-02-03 17:17 - 1499277312 _____ C:\Users\Dios\Downloads\Toy.Story.3.480p.BRRip.XviD.AC3.CZ-lukasenko79.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-05 17:27 - 2014-05-29 20:12 - 00000000 ____D C:\Users\Dios\AppData\Roaming\uTorrent
2017-03-05 17:24 - 2015-05-21 06:39 - 00000000 ___DC C:\FRST
2017-03-05 17:23 - 2014-07-23 13:21 - 00000000 ____D C:\Users\Dios\Desktop\Odvirování
2017-03-05 17:04 - 2016-11-16 06:52 - 00000000 ____D C:\Users\Dios\AppData\LocalLow\Mozilla
2017-03-05 17:03 - 2016-09-15 07:01 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-05 14:24 - 2012-02-11 08:08 - 00000000 ____D C:\Users\Dios\AppData\Roaming\vlc
2017-03-05 12:55 - 2016-01-04 07:30 - 00000000 ___RD C:\Users\Dios\iCloudDrive
2017-03-04 20:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-04 20:29 - 2015-04-16 11:10 - 00000000 ____D C:\KROSplusData
2017-03-04 18:56 - 2016-09-15 08:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-03-04 13:11 - 2016-12-20 10:48 - 00003228 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDios
2017-03-04 13:11 - 2016-12-20 10:48 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDios.job
2017-03-04 09:00 - 2012-01-05 19:01 - 00000000 ____D C:\Users\Dios\AppData\Local\Adobe
2017-03-04 08:55 - 2011-12-01 10:57 - 00000000 ____D C:\Users\Dios\AppData\Local\CrashDumps
2017-03-03 23:03 - 2016-09-15 07:10 - 02439140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-03 23:03 - 2016-07-16 23:25 - 00914338 _____ C:\WINDOWS\system32\perfh005.dat
2017-03-03 23:03 - 2016-07-16 23:25 - 00237032 _____ C:\WINDOWS\system32\perfc005.dat
2017-03-03 22:58 - 2012-01-06 20:56 - 00000000 ____D C:\Users\Dios\AppData\Local\Apple
2017-03-03 22:55 - 2016-09-15 08:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-03 22:53 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-03-03 17:30 - 2015-05-03 15:11 - 00000000 ____D C:\Users\Dios\Downloads\Other
2017-03-03 12:03 - 2012-09-27 10:25 - 00000000 ____D C:\Users\Dios\AppData\Local\GHISLER
2017-03-03 08:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-03 08:34 - 2015-12-01 09:49 - 00000000 ___DC C:\AdwCleaner
2017-03-03 08:22 - 2014-09-19 15:00 - 00001167 _____ C:\Users\Dios\Documents\RESUME.XLW
2017-03-03 07:20 - 2016-12-14 08:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-03 07:20 - 2014-08-09 18:45 - 00000000 ____D C:\Program Files (x86)\uTorrent
2017-03-03 06:58 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-03 06:52 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-03 06:52 - 2011-12-01 11:17 - 00000000 ____D C:\Users\Dios\AppData\LocalLow\Temp
2017-03-03 06:49 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-03-02 11:54 - 2014-07-22 08:33 - 00000000 ____D C:\Program Files\trend micro
2017-03-02 10:29 - 2016-11-01 17:33 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-02 07:14 - 2017-01-18 13:52 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-02 07:08 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-01 14:47 - 2017-01-18 13:52 - 00003900 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-01 14:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-01 14:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-28 12:54 - 2016-01-11 13:53 - 00054660 _____ C:\Users\Dios\Desktop\Sledování cash flow II.xlsx
2017-02-28 12:47 - 2016-04-24 11:47 - 00027991 _____ C:\Users\Dios\Desktop\byt vybavení.xlsx
2017-02-27 08:59 - 2012-12-14 13:16 - 00002286 ____H C:\Users\Dios\Documents\Default.rdp
2017-02-26 18:03 - 2015-06-12 07:04 - 00000000 ____D C:\Program Files\Common Files\AV
2017-02-26 13:07 - 2017-01-20 09:58 - 00002484 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2017-02-26 13:07 - 2017-01-20 09:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2017-02-26 13:07 - 2016-03-22 07:33 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2017-02-24 09:25 - 2016-07-19 09:13 - 00000000 ____D C:\Stavitel
2017-02-24 09:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-24 07:51 - 2016-09-02 06:37 - 00002209 _____ C:\Users\Public\Desktop\Internet Manager.lnk
2017-02-24 07:51 - 2016-09-02 06:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2017-02-23 19:07 - 2016-02-22 13:14 - 00000000 ____D C:\Users\Dios\Downloads\Filmy
2017-02-23 11:10 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 11:09 - 2013-07-21 05:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 10:56 - 2011-11-14 08:50 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 08:01 - 2015-10-09 20:19 - 00000000 ____D C:\Users\Dios\AppData\Local\Packages
2017-02-22 08:01 - 2012-12-11 14:12 - 00000000 ____D C:\Users\Dios\Downloads\iPod Photo Cache
2017-02-19 19:16 - 2016-03-09 08:33 - 00022528 _____ C:\Users\Dios\Desktop\Passwords_09032016.xlsx
2017-02-17 09:39 - 2013-10-30 08:15 - 00000000 ____D C:\Users\Dios\AppData\Roaming\Nitro
2017-02-16 22:59 - 2016-09-15 07:11 - 00000000 ____D C:\Users\Dios
2017-02-16 13:21 - 2014-03-20 17:19 - 00064512 _____ C:\Users\Dios\Desktop\Půjčky_VC(HP).xls
2017-02-15 14:37 - 2012-08-03 20:17 - 00000000 ____D C:\Users\Dios\AppData\Local\The Witcher
2017-02-13 06:23 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-11 10:52 - 2016-11-01 09:00 - 00002201 _____ C:\Users\Public\Desktop\Money S3.lnk
2017-02-09 09:28 - 2017-01-20 09:53 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2017-02-09 09:16 - 2017-01-20 09:58 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-02-09 09:16 - 2017-01-20 09:58 - 00008298 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-03-07 09:59 - 2016-03-07 10:33 - 0000034 _____ () C:\Users\Dios\AppData\Roaming\AdobeWLCMCache.dat
2016-07-12 11:32 - 2016-07-12 11:32 - 0009317 _____ () C:\Users\Dios\AppData\Roaming\Hodnoty oddělené čárkami (Windows).EML
2014-01-22 07:15 - 2015-08-17 08:45 - 0024299 _____ () C:\Users\Dios\AppData\Roaming\Microsoft Excel 97-2003.ADR
2016-07-12 10:03 - 2016-08-17 08:01 - 0009306 _____ () C:\Users\Dios\AppData\Roaming\Microsoft Excel 97-2003.EML
2014-07-17 06:43 - 2016-01-21 08:53 - 0007614 _____ () C:\Users\Dios\AppData\Local\resmon.resmoncfg
2012-01-26 19:25 - 2012-01-26 19:41 - 0001223 _____ () C:\ProgramData\hpzinstall.log
2012-09-14 10:29 - 2014-07-29 09:10 - 0000299 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-27 07:24

==================== End of FRST.txt ============================

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu