Prosím o preventivku

[slamax]

GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-03-13 16:08:47
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002b ST1000LM024_HN-M101MBB rev.2AR10001 931,51GB
Running: gmer.exe; Driver: C:\Users\Slamak\AppData\Local\Temp\kwlcruod.sys


---- Disk sectors - GMER 2.2 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\svchost.exe [832:936] 00007fffe0c4f950
Thread C:\WINDOWS\system32\svchost.exe [832:940] 00007fffe0c4ed20
Thread C:\WINDOWS\system32\svchost.exe [832:952] 00007fffe0a48ae0
Thread C:\WINDOWS\system32\svchost.exe [516:1156] 00007fffdcd9a770
Thread C:\WINDOWS\system32\svchost.exe [516:3956] 00007fffd1bdac90
Thread C:\WINDOWS\system32\svchost.exe [516:3968] 00007fffd1bd3590
Thread C:\WINDOWS\system32\svchost.exe [516:68] 00007fffd0449040
Thread C:\WINDOWS\system32\svchost.exe [516:4596] 00007fffd74099e0
Thread C:\WINDOWS\system32\svchost.exe [516:6460] 00007fffdaaf2cf0
Thread C:\WINDOWS\system32\svchost.exe [516:5232] 00007fffd2d01670
Thread C:\WINDOWS\system32\svchost.exe [516:10212] 00007fffd4fa5bc0
Thread C:\WINDOWS\system32\svchost.exe [516:2688] 00007fffdcd96080
Thread C:\WINDOWS\system32\svchost.exe [516:7532] 00007fffdcd9b590
Thread C:\WINDOWS\system32\svchost.exe [1548:1600] 00007fffd74744b0
Thread C:\WINDOWS\system32\svchost.exe [1548:1764] 00007fffe1556750
Thread C:\WINDOWS\system32\csrss.exe [9896:9060] ffffd0e2a7de6c20

---- EOF - GMER 2.2 ----

[slamax]

GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-03-13 16:27:48
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002b ST1000LM024_HN-M101MBB rev.2AR10001 931,51GB
Running: gmer.exe; Driver: C:\Users\Slamak\AppData\Local\Temp\kwlcruod.sys


---- User code sections - GMER 2.2 ----

.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlQueryEnvironmentVariable 00007fffe5fb07e0 5 bytes JMP 00007fffcc703100
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlDecompressBuffer 00007fffe600dec0 5 bytes JMP 00007fffcc702ff0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueryInformationProcess 00007fffe60263e0 5 bytes JMP 00007fffcc7031f0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtMapViewOfSection 00007fffe60265c0 5 bytes JMP 00007fffcc7029a0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00007fffe6026800 5 bytes JMP 00007fffcc7027e0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenEvent 00007fffe60268c0 5 bytes JMP 00007fffcc702d30
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateEvent 00007fffe60269c0 5 bytes JMP 00007fffcc702cd0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtResumeThread 00007fffe6026b00 1 byte JMP 00007fffcc702b90
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtResumeThread + 2 00007fffe6026b02 3 bytes {JMP 0xffffffffe66dc090}
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateMutant 00007fffe60275d0 5 bytes JMP 00007fffcc702d80
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateSemaphore 00007fffe6027730 5 bytes JMP 00007fffcc702e30
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateUserProcess 00007fffe6027850 1 byte JMP 00007fffcc702ee0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateUserProcess + 2 00007fffe6027852 3 bytes {JMP 0xffffffffe66db690}
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenMutant 00007fffe6028350 1 byte JMP 00007fffcc702de0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenMutant + 2 00007fffe6028352 3 bytes {JMP 0xffffffffe66daa90}
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenSemaphore 00007fffe6028430 5 bytes JMP 00007fffcc702e90
? C:\WINDOWS\SYSTEM32\dbgcore.DLL [2612] entry point in ".rdata" section 000000006f2bc940
? C:\WINDOWS\SYSTEM32\iertutil.dll [2612] entry point in ".rdata" section 00000000721e1590
? C:\WINDOWS\SYSTEM32\atlthunk.dll [2612] entry point in ".data" section 000000006bec4290
? C:\Windows\System32\ActXPrxy.dll [2612] entry point in ".rdata" section 00000000628e9c50
? C:\WINDOWS\System32\apphelp.dll [2612] entry point in ".rdata" section 000000006a20f7c0
? C:\WINDOWS\system32\mssprxy.dll [2612] entry point in ".rdata" section 000000006214a650
? C:\Windows\System32\smartscreenps.dll [2612] entry point in ".rdata" section 0000000068ba58a0
? C:\WINDOWS\system32\apphelp.dll [10044] entry point in ".rdata" section 000000006a20f7c0
? C:\WINDOWS\SYSTEM32\iertutil.dll [10044] entry point in ".rdata" section 00000000721e1590
? C:\Windows\System32\ieproxy.dll [10044] entry point in ".rdata" section 0000000071a89600
? C:\Windows\System32\OneCoreCommonProxyStub.dll [10044] entry point in ".rdata" section 00000000716bda90
? C:\WINDOWS\system32\apphelp.dll [4428] entry point in ".rdata" section 000000006a20f7c0

---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\svchost.exe [832:936] 00007fffe0c4f950
Thread C:\WINDOWS\system32\svchost.exe [832:940] 00007fffe0c4ed20
Thread C:\WINDOWS\system32\svchost.exe [832:952] 00007fffe0a48ae0
Thread C:\WINDOWS\system32\svchost.exe [516:1156] 00007fffdcd9a770
Thread C:\WINDOWS\system32\svchost.exe [516:3956] 00007fffd1bdac90
Thread C:\WINDOWS\system32\svchost.exe [516:3968] 00007fffd1bd3590
Thread C:\WINDOWS\system32\svchost.exe [516:68] 00007fffd0449040
Thread C:\WINDOWS\system32\svchost.exe [516:4596] 00007fffd74099e0
Thread C:\WINDOWS\system32\svchost.exe [516:6460] 00007fffdaaf2cf0
Thread C:\WINDOWS\system32\svchost.exe [516:5232] 00007fffd2d01670
Thread C:\WINDOWS\system32\svchost.exe [516:10212] 00007fffd4fa5bc0
Thread C:\WINDOWS\system32\svchost.exe [516:2688] 00007fffdcd96080
Thread C:\WINDOWS\system32\svchost.exe [516:7532] 00007fffdcd9b590
Thread C:\WINDOWS\system32\svchost.exe [1548:1600] 00007fffd74744b0
Thread C:\WINDOWS\system32\svchost.exe [1548:1764] 00007fffe1556750
Thread C:\WINDOWS\system32\csrss.exe [9896:9060] ffffd0e2a7de6c20

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -1890209304
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14884802891092288@SetupOperations ?????????????????@?@?@?@?A?A?A?A?B?B????????????????????????????????????????????????????? ???????>??????????????????????P?0????????????????????????e????aswSnx????????????????????????????L????????????n????avast! virtualization driver (aswSnx)???????????? ???????????????m??td???????????v????????????P??????????????&??\SystemRoot\system32\drivers\aswSnx.sys?ys?sab????0?????????p???FSFilter Virtualization?????????????????????????FltMgr??????? ?????????????B???????????????? ?????????s??????? ??B???????????e?????????????B????????????????????MoveFile("\??\C:\Program Files\AVAST Software\Avast\HTM2A5F.tmp","\??\C:\Program Files\AVAST Software\Avast\HTMLayout.dll",TRUE)?MoveFile("\??\C:\Program Files\AVAST Software\Avast\avB2D40.tmp","\??\C:\Program Files\AVAST Software\Avast\avBugReport.exe",TRUE)?MoveFile("\??\C:\Program Files\AVAST Software\Avast\AvD2E7B.tmp","\??\C:\Program Files\AVAST Software\Avast\AvDump32.exe",TRUE)?MoveFile("\??\C:\Program Files\AVAST Software\Avast\x64\AvD2F48.tmp","\??\C:\Program Files\AVAS
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\c8-3a-35-48-de-58@AddressCreationTimestamp 0x41 0x42 0xD7 0x0E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 4206
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0x47 0x00 0xDB 0x72 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0x47 0x68 0x9F 0xD4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0x47 0x98 0x16 0x11 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\2@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\2@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\3@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\3@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@E7CF176E110C211B 0xE9 0x5A 0x81 0x2C ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\notepad.exe 0x3C 0xDF 0x64 0xB2 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{03C3F6CF-3697-492A-9465-9303D1D192C3}
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{03C3F6CF-3697-492A-9465-9303D1D192C3}@LastAccessedTime 0xB0 0x80 0x56 0xAC ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{03C3F6CF-3697-492A-9465-9303D1D192C3}@AppId {7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Z?hada skateparku\Z?hada skateparku.exe
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{03C3F6CF-3697-492A-9465-9303D1D192C3}@LaunchCount 1
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{61CCD3E9-E75A-4EC6-9F88-22A098EF486C}@LastAccessedTime 0x50 0x7A 0x62 0xB2 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{61CCD3E9-E75A-4EC6-9F88-22A098EF486C}@LaunchCount 8
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{8D66CB18-1F67-4BF4-B32E-F7F2BE56E783}@LastAccessedTime 0x20 0xAD 0x09 0xD7 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{8D66CB18-1F67-4BF4-B32E-F7F2BE56E783}@LaunchCount 3

---- Disk sectors - GMER 2.2 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.2 ----

[Kodlz]

poprosim Te znovu o logy z FRST.

[slamax]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2017
Ran by Slamak (administrator) on SLAMAKACER (13-03-2017 19:50:32)
Running from C:\Users\Slamak\Desktop
Loaded Profiles: Slamak (Available Profiles: Slamak)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Slamak\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-02-08] (Dritek System Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-02] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [14517936 2016-07-14] (MyHeritage)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [24742760 2016-10-21] (eM Client s.r.o.)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [ProgLauncher] => C:\Program Files (x86)\ProgDVB\ProgLauncher.exe [400584 2016-08-26] ()
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [GEN] => "C:\Users\Slamak\AppData\Local\Programs\GEN\GEN.exe"
IFEO\acpanel_win.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\dtlite.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\googledrivesync.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\myheritage.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\progdvbnet.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\progguide.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\progtv.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\skineditor.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\sptdinst-x64.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-11-22]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk [2013-11-26]
ShortcutTarget: TrayMenu.lnk -> C:\Windows\SysWOW64\C2MP\TrayMenu.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.154.240.3 10.154.240.66
Tcpip\..\Interfaces\{5ebae234-8da9-4cf8-be43-1d89008d74f4}: [DhcpNameServer] 10.154.240.3 10.154.240.66
Tcpip\..\Interfaces\{f77bfe06-ae58-4493-81ba-fffbdc2587a6}: [DhcpNameServer] 10.154.240.3 10.154.240.66

Internet Explorer:
==================
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope {6A9BB02B-2030-4929-AE57-F965133B84E3} URL =
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621977129-2832859686-462106091-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621977129-2832859686-462106091-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621977129-2832859686-462106091-1001 -> {6A9BB02B-2030-4929-AE57-F965133B84E3} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-12] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default [2017-03-13]
FF user.js: detected! => C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\user.js [2017-03-02]
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\gjyzp0az.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\gjyzp0az.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\gjyzp0az.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\gjyzp0az.default -> hxxps://www.seznam.cz/
FF Extension: (Avast Passwords) - C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2017-02-10]
FF Extension: (Password Exporter) - C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-03-12]
FF SearchPlugin: C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\searchplugins\seznam-avast.xml [2015-02-17]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-28] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13906
CHR StartupUrls: Default -> "hxxp://websearch.just-browse.info/"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxps://www.google.com/search?q={searchTerms}&i ... hannel=rcs
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default [2017-03-10]
CHR Extension: (CacheList) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2016-11-09]
CHR Extension: (Dokumenty Google) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Disk Google) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-10]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-10]
CHR Extension: (YouTube) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Avast Online Security) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-12-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-10]
CHR Extension: (Avast Passwords) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-02-15]
CHR Extension: (Avast SafePrice) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-10]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-10]
CHR Extension: (Save the Penguin) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinohkicpolgdfgajpflbaoimmnaeibb [2017-02-24]
CHR Extension: (Gmail) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-15]
CHR Extension: (Geoseznam) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkejgpgaflkeonkliblcplomemekogop [2016-07-06]
CHR HKU\S-1-5-21-3621977129-2832859686-462106091-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dogdoihocdkadpalbghcpfafbojcfofa] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-02] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-02] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-03-02] (AVAST Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
S4 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S4 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-26] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-07] (Freemake) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-02-08] (Dritek System INC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-02] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-02] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-02] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-02] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-02] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-03-02] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-02] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [461640 2017-03-02] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-02] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-02] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-02] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-03-02] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-02] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-02] (AVAST Software)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2016-07-16] (Broadcom Corporation)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (www.winchiphead.com)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-09-29] (Disc Soft Ltd)
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-12] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-02-08] (Dritek System Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 kwlcruod; C:\Users\Slamak\AppData\Local\Temp\kwlcruod.sys [56584 2017-03-13] (GMER) [File not signed] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-13 19:50 - 2017-03-13 19:52 - 00023655 _____ C:\Users\Slamak\Desktop\FRST.txt
2017-03-13 19:48 - 2017-03-13 19:48 - 00112640 _____ (forum.viry.cz) C:\Users\Slamak\Desktop\FRSTLauncher.exe
2017-03-13 19:43 - 2017-03-13 19:43 - 00000000 ____D C:\Users\Slamak\Desktop\FRST-OlderVersion
2017-03-13 16:00 - 2017-03-13 16:00 - 00371282 _____ C:\Users\Slamak\Downloads\gmer(1).zip
2017-03-13 15:50 - 2017-03-13 15:50 - 00371282 _____ C:\Users\Slamak\Downloads\gmer.zip
2017-03-13 15:39 - 2017-03-13 15:39 - 00075257 _____ C:\Users\Slamak\Downloads\zasilkovna-2017-03-13-1791.pdf
2017-03-13 15:39 - 2017-03-13 15:39 - 00017313 _____ C:\Users\Slamak\Downloads\output(2).pdf
2017-03-13 15:33 - 2017-03-13 15:33 - 00000661 _____ C:\Users\Slamak\Downloads\objednavka_export_13-03-2017-15-33-11.csv
2017-03-13 15:09 - 2017-03-13 15:09 - 00018396 _____ C:\Users\Slamak\Downloads\ordersXML(11).xml
2017-03-13 07:03 - 2017-03-13 07:03 - 00009072 _____ C:\Users\Slamak\Downloads\output(1).pdf
2017-03-13 07:00 - 2017-03-13 07:00 - 00006166 _____ C:\Users\Slamak\Downloads\ordersXML(10).xml
2017-03-13 07:00 - 2017-03-13 07:00 - 00000122 _____ C:\Users\Slamak\Downloads\objednavka_export_13-03-2017-07-00-45.csv
2017-03-13 06:43 - 2017-03-13 06:43 - 00012949 _____ C:\Users\Slamak\Downloads\output.pdf
2017-03-12 23:17 - 2017-03-12 23:17 - 00000355 _____ C:\Users\Slamak\Downloads\objednavka_export_12-03-2017-23-17-50.csv
2017-03-12 23:12 - 2017-03-12 23:12 - 00012002 _____ C:\Users\Slamak\Downloads\ordersXML(9).xml
2017-03-12 16:55 - 2017-03-12 17:15 - 1731911076 _____ C:\Users\Slamak\Downloads\ostravak.ostravski.2016.480p.DVDRip.XVID.AC3.CZ.avi
2017-03-12 16:52 - 2017-03-12 17:27 - 981307392 _____ C:\Users\Slamak\Downloads\Prichozi - Arrival (2016)_cz dab.avi.part
2017-03-12 15:16 - 2017-03-12 15:16 - 00075639 _____ C:\Users\Slamak\Downloads\zasilkovna-2017-03-12-1103.pdf
2017-03-12 15:00 - 2017-03-12 15:00 - 00011919 _____ C:\Users\Slamak\Downloads\ordersXML(8).xml
2017-03-11 20:07 - 2017-03-11 20:07 - 00425906 _____ C:\Users\Slamak\Downloads\483507292.pdf
2017-03-11 20:02 - 2017-03-11 20:02 - 00569168 _____ C:\Users\Slamak\Downloads\489734385.pdf
2017-03-11 20:01 - 2017-03-11 20:01 - 00430352 _____ C:\Users\Slamak\Downloads\486648024.pdf
2017-03-10 21:12 - 2017-03-10 21:13 - 00387172 _____ C:\WINDOWS\Minidump\031017-30937-01.dmp
2017-03-10 21:12 - 2017-03-10 21:12 - 588130465 _____ C:\WINDOWS\MEMORY.DMP
2017-03-10 19:11 - 2017-03-10 19:12 - 00359501 _____ C:\Users\Slamak\Downloads\14436469(1).pdf
2017-03-10 19:08 - 2017-03-10 19:10 - 00359501 _____ C:\Users\Slamak\Downloads\14436469.pdf
2017-03-10 17:40 - 2017-03-10 17:40 - 00005936 _____ C:\Users\Slamak\Downloads\ordersXML(7).xml
2017-03-10 17:13 - 2017-03-08 12:46 - 00025237 _____ C:\Users\Slamak\Desktop\2017-02-28T02-02 Transakce č. 1055832024528472-2355991.pdf
2017-03-10 17:11 - 2017-03-10 17:12 - 00022726 _____ C:\Users\Slamak\Downloads\2017-02-01–2017-02-28_Transakce(1).zip
2017-03-10 13:58 - 2017-03-12 14:36 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-10 13:58 - 2017-03-10 13:58 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-10 13:58 - 2017-03-10 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-10 13:58 - 2017-03-10 13:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-10 13:58 - 2017-03-10 13:58 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-10 13:58 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-10 13:57 - 2017-03-10 13:57 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-10 13:43 - 2017-03-10 13:48 - 00000000 ____D C:\AdwCleaner
2017-03-10 13:41 - 2017-03-10 13:43 - 04031440 _____ C:\Users\Slamak\Desktop\adwcleaner_6.044.exe
2017-03-10 07:02 - 2017-03-10 07:02 - 00002812 _____ C:\Users\Slamak\Downloads\ordersXML(6).xml
2017-03-09 22:49 - 2017-03-09 22:49 - 00000311 _____ C:\Users\Slamak\Downloads\objednavka_export_09-03-2017-22-49-21.csv
2017-03-09 22:45 - 2017-03-09 22:45 - 00002474 _____ C:\Users\Slamak\Downloads\ordersXML(5).xml
2017-03-09 20:28 - 2017-03-10 07:18 - 00000000 ____D C:\Users\Slamak\Desktop\tisk
2017-03-09 20:01 - 2017-03-09 20:01 - 00002120 _____ C:\Users\Slamak\Downloads\ordersXML(4).xml
2017-03-09 19:50 - 2017-03-09 19:50 - 00007733 _____ C:\Users\Slamak\Downloads\ordersXML(3).xml
2017-03-09 14:47 - 2017-03-09 14:47 - 00004714 _____ C:\Users\Slamak\Downloads\ordersXML(2).xml
2017-03-09 13:30 - 2017-03-13 19:50 - 00000000 ____D C:\FRST
2017-03-09 13:21 - 2017-03-13 19:43 - 02424832 _____ (Farbar) C:\Users\Slamak\Desktop\FRST64.exe
2017-03-09 13:12 - 2017-03-09 13:12 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-09 13:12 - 2017-03-09 13:12 - 00000000 ____D C:\Intel
2017-03-09 07:24 - 2017-03-09 07:24 - 00052736 _____ C:\Users\Slamak\Downloads\GOPAY_112643542-170130-170205.xls
2017-03-09 07:07 - 2017-03-09 07:07 - 00471823 _____ C:\Users\Slamak\Downloads\171019421(1).pdf
2017-03-09 07:06 - 2017-03-09 07:06 - 00471991 _____ C:\Users\Slamak\Downloads\171010674.pdf
2017-03-09 07:06 - 2017-03-09 07:06 - 00471668 _____ C:\Users\Slamak\Downloads\171013755.pdf
2017-03-09 07:06 - 2017-03-09 07:06 - 00470862 _____ C:\Users\Slamak\Downloads\171016549(1).pdf
2017-03-09 01:17 - 2017-03-09 01:17 - 12935296 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 11330576 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 01086408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00975184 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00558728 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00553424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00242800 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00206000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00051184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 13046920 _____ (Intel Corporation) C:\WINDOWS\system32\ig4icd64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 10829448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig4icd32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 05925984 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 03529352 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 03139208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00593544 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00560776 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00536664 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00460936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00458376 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457352 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457344 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455304 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455304 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00453768 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00453768 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00450184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00449160 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00447112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00446600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00428680 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00402568 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00348808 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00304264 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00300128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00276064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00206944 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00193160 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00160392 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00145032 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2017-03-09 01:16 - 2017-03-09 01:16 - 00134280 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4459.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00119432 _____ C:\WINDOWS\system32\igdde64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00099464 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00043144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00027784 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2017-03-08 21:46 - 2017-03-08 21:46 - 00022725 _____ C:\Users\Slamak\Downloads\2017-02-01–2017-02-28_Transakce.zip
2017-03-08 21:19 - 2017-03-09 19:30 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2017-03-08 20:52 - 2017-03-08 20:52 - 00001284 _____ C:\Users\Slamak\Desktop\Faktury přijaté 2017 – zástupce.lnk
2017-03-08 20:51 - 2017-03-08 20:51 - 00001194 _____ C:\Users\Slamak\Desktop\Texty shop – zástupce.lnk
2017-03-07 19:42 - 2017-03-07 19:42 - 00000000 ____D C:\rsit
2017-03-07 12:16 - 2017-03-07 12:16 - 00000000 ____D C:\Users\Slamak\fUTkALeaTxM
2017-03-07 08:35 - 2017-03-07 08:35 - 00472563 _____ C:\Users\Slamak\Downloads\171022412.pdf
2017-03-06 18:01 - 2017-03-06 18:01 - 00000000 ____D C:\Users\Slamak\AppData\Local\FileZilla
2017-03-06 17:03 - 2017-03-06 17:03 - 00206521 _____ C:\Users\Slamak\Downloads\492092659.PDF
2017-03-06 17:02 - 2017-03-06 17:02 - 00089630 _____ C:\Users\Slamak\Downloads\492092658.PDF
2017-03-06 15:07 - 2017-03-06 15:11 - 00272470 _____ C:\Users\Slamak\Documents\kaplicka v opre.odt
2017-03-05 18:48 - 2017-03-05 18:48 - 00005615 _____ C:\Users\Slamak\Downloads\ordersXML(1).xml
2017-03-04 23:17 - 2017-03-04 23:17 - 00148566 _____ C:\Users\Slamak\Downloads\T8940540.pdf
2017-03-04 20:49 - 2017-03-04 20:50 - 01185889 _____ C:\Users\Slamak\Downloads\2015_Guidelines_Beer.pdf
2017-03-04 18:25 - 2017-03-04 18:25 - 00008568 _____ C:\Users\Slamak\Downloads\ordersXML.xml
2017-03-04 16:43 - 2017-03-04 16:58 - 1900460032 _____ C:\Users\Slamak\Downloads\Jokri.avi
2017-03-04 16:42 - 2017-03-04 16:49 - 824785610 _____ C:\Users\Slamak\Downloads\Zilionáři-2016-cz-dab.,super-kvalita.avi
2017-03-04 12:45 - 2017-03-04 12:51 - 914463076 _____ C:\Users\Slamak\Downloads\(cetnici-z-luhacovic)-09-dopis-ze-zahrobi--16'--DVBT_CZ-(romin).avi
2017-03-03 12:49 - 2017-03-03 12:49 - 00362130 _____ C:\Users\Slamak\Downloads\cenik-italie-novy.pdf
2017-03-02 23:36 - 2017-03-07 20:34 - 00003154 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-03-02 22:50 - 2017-03-02 22:50 - 00002594 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-03-02 22:50 - 2017-02-21 09:29 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-03-02 22:47 - 2017-03-02 22:47 - 00000979 _____ C:\Users\Slamak\Desktop\zalohy PROFIT – zástupce.lnk
2017-03-02 22:47 - 2017-03-02 22:47 - 00000943 _____ C:\Users\Public\Desktop\AVG.lnk
2017-03-02 22:47 - 2017-03-02 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-03-02 22:45 - 2017-03-13 16:14 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-03-02 22:45 - 2017-03-02 22:50 - 00000000 ____D C:\Program Files (x86)\AVG
2017-03-02 22:44 - 2017-03-02 23:48 - 00000000 ____D C:\Users\Slamak\AppData\Local\AvgSetupLog
2017-03-02 20:32 - 2017-03-02 20:36 - 773026364 _____ C:\Users\Slamak\Downloads\Bezva ženska na krku .2016 komedie cz avi.avi
2017-03-02 19:45 - 2017-03-06 10:37 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-03-02 19:45 - 2017-03-02 19:43 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-03-02 19:45 - 2017-03-02 19:43 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-03-02 19:45 - 2017-03-02 19:43 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-03-02 19:45 - 2017-03-02 19:43 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-03-02 19:44 - 2017-03-02 19:44 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-01 10:53 - 2017-03-01 10:53 - 00216324 _____ C:\Users\Slamak\Downloads\newsletter_3.pdf
2017-03-01 01:56 - 2017-03-01 01:56 - 00085710 _____ C:\Users\Slamak\Downloads\Obchodni podminky www.vyrobtesipivo.cz(1).pdf
2017-03-01 00:14 - 2012-01-19 02:27 - 00000000 ____D C:\Users\Slamak\Documents\tni_product_reviews
2017-03-01 00:11 - 2017-03-01 00:11 - 00012813 _____ C:\Users\Slamak\Downloads\tni_product_reviews RECENZE.zip
2017-02-28 23:17 - 2017-02-28 23:17 - 00402839 _____ C:\Users\Slamak\Downloads\sanicleantl.pdf
2017-02-28 22:26 - 2017-02-28 22:26 - 00305226 _____ C:\Users\Slamak\Downloads\PBW_SDS_EN.pdf
2017-02-28 22:26 - 2017-02-28 22:26 - 00238727 _____ C:\Users\Slamak\Downloads\Star_San_HB_SDS_EN.pdf
2017-02-28 21:56 - 2017-02-28 21:56 - 00471823 _____ C:\Users\Slamak\Downloads\171019421.pdf
2017-02-28 16:32 - 2017-02-28 16:33 - 176296836 _____ C:\Users\Slamak\Downloads\RINO-–-Příběh-špióna.part2.rar
2017-02-28 16:31 - 2017-02-28 16:46 - 2086666240 _____ C:\Users\Slamak\Downloads\RINO-–-Příběh-špióna.part1.rar
2017-02-27 19:24 - 2017-02-27 19:24 - 00050584 _____ C:\Users\Slamak\Downloads\4117048648.pdf
2017-02-27 19:24 - 2017-02-27 19:24 - 00048491 _____ C:\Users\Slamak\Downloads\4017047847.pdf
2017-02-27 19:21 - 2017-02-27 19:21 - 00050611 _____ C:\Users\Slamak\Downloads\4117048644.pdf
2017-02-27 19:21 - 2017-02-27 19:21 - 00048203 _____ C:\Users\Slamak\Downloads\4017047844.pdf
2017-02-27 16:14 - 2017-02-27 16:14 - 00003004 _____ C:\Users\Slamak\Downloads\438894670_1_Autentizační údaje(2).pdf
2017-02-27 11:41 - 2017-02-27 11:42 - 00020893 _____ C:\Users\Slamak\Desktop\Order Stanislav Krejci - vyrobtesipivo.cz.ods
2017-02-27 10:36 - 2017-02-27 10:36 - 00235513 _____ C:\Users\Slamak\Desktop\Brouwland_price_list_C20_July_2016_EN.xlsx
2017-02-25 21:04 - 2017-02-25 21:05 - 00530051 _____ C:\Users\Slamak\Downloads\Cenik-01012017.pdf
2017-02-24 19:35 - 2017-02-24 19:36 - 00061322 _____ C:\Users\Slamak\Downloads\050.270.8 en 050.514.9_SPEC_EN_Bavarian Wheat M20.pdf
2017-02-24 19:35 - 2017-02-24 19:35 - 00083215 _____ C:\Users\Slamak\Downloads\050.270.8.pdf
2017-02-24 15:39 - 2017-02-25 20:21 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Electrum
2017-02-24 15:37 - 2017-02-24 15:37 - 00001080 _____ C:\Users\Slamak\Desktop\Electrum.lnk
2017-02-24 15:37 - 2017-02-24 15:37 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum
2017-02-24 15:37 - 2017-02-24 15:37 - 00000000 ____D C:\Program Files (x86)\Electrum
2017-02-24 15:19 - 2017-02-24 16:16 - 00000074 _____ C:\Users\Slamak\Desktop\Bitcoin.txt
2017-02-24 15:18 - 2017-02-24 15:18 - 00000000 ____D C:\Users\Slamak\Documents\Bitcoin
2017-02-24 15:15 - 2017-02-24 15:16 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\MultiBitHD
2017-02-24 12:53 - 2017-02-24 12:53 - 10262944 _____ C:\Users\Slamak\Downloads\Mangrove Jack's Data Sheets-20170224T115302Z-001.zip
2017-02-23 22:02 - 2017-02-23 22:02 - 00342006 _____ C:\Users\Slamak\Downloads\Kompakt_70l.pdf
2017-02-23 19:59 - 2017-02-23 19:59 - 01816415 _____ C:\Users\Slamak\Downloads\Mangrove Jack's Traditional Series Beer Pouches-20170223T185854Z-001.zip
2017-02-23 19:57 - 2017-02-23 19:58 - 03333638 _____ C:\Users\Slamak\Downloads\Mangrove Jack's Craft Series Yeast-20170223T185729Z-001.zip
2017-02-22 20:46 - 2017-02-22 20:47 - 00100268 _____ C:\Users\Slamak\Desktop\661-1132 Baška Chorvatsko dovolená 2017.htm
2017-02-22 20:46 - 2017-02-22 20:47 - 00000000 ____D C:\Users\Slamak\Desktop\661-1132 Baška Chorvatsko dovolená 2017_soubory
2017-02-22 13:34 - 2017-02-22 13:34 - 07422592 _____ C:\Users\Slamak\Downloads\Katalog_podzim-zima_2016_web.pdf
2017-02-21 18:59 - 2017-02-21 18:59 - 00470854 _____ C:\Users\Slamak\Downloads\171016549.pdf
2017-02-20 22:55 - 2017-02-20 22:55 - 00000444 _____ C:\Users\Slamak\Downloads\csv-ukazka.csv
2017-02-20 16:18 - 2017-02-20 16:39 - 3003922830 _____ C:\Users\Slamak\Downloads\ČETNÍCI-Z-LUHAČOVIC-07.Padělek-FHD-(2017)-CZ-(78PT).avi
2017-02-20 16:14 - 2017-02-20 16:22 - 1063945388 _____ C:\Users\Slamak\Downloads\Bohéma S01E06 - Dvojí tvá_e - TVrip CZserial.avi
2017-02-19 22:04 - 2017-02-19 22:04 - 00045633 _____ C:\Users\Slamak\Downloads\PDFReport.aspx
2017-02-19 18:59 - 2017-02-19 18:59 - 00176219 _____ C:\Users\Slamak\Downloads\plna-moc.pdf
2017-02-19 18:58 - 2017-02-19 18:58 - 00106568 _____ C:\Users\Slamak\Downloads\merkblatt_deutsch.pdf
2017-02-19 18:57 - 2017-02-19 18:57 - 00090301 _____ C:\Users\Slamak\Downloads\StAb-Bau-Fragebg. 2002 - tschech..pdf
2017-02-19 18:56 - 2017-02-19 18:56 - 00018825 _____ C:\Users\Slamak\Downloads\Baustellenübersicht D-CZ.docx(1).pdf
2017-02-19 18:55 - 2017-02-19 18:55 - 00158712 _____ C:\Users\Slamak\Downloads\Fragenbogen CZ.pdf
2017-02-19 18:54 - 2017-02-19 18:55 - 00018825 _____ C:\Users\Slamak\Downloads\Baustellenübersicht D-CZ.docx.pdf
2017-02-19 18:54 - 2017-02-19 18:54 - 00381701 _____ C:\Users\Slamak\Downloads\Ansässigkeitsbescheinigung CZ.pdf
2017-02-18 22:13 - 2017-02-18 22:14 - 67620545 _____ C:\Users\Slamak\Downloads\backup_2017-02-18_22-13.zip
2017-02-18 20:53 - 2017-02-18 20:53 - 00107323 _____ C:\Users\Slamak\Desktop\Pojistka.pdf
2017-02-18 20:51 - 2017-02-18 20:51 - 00102558 _____ C:\Users\Slamak\Downloads\490435551.PDF
2017-02-18 20:15 - 2017-02-18 20:15 - 01377244 _____ C:\Users\Slamak\Downloads\testovaci-ssl-certifikat-thawte.pdf
2017-02-17 07:12 - 2017-02-17 07:12 - 03620092 _____ C:\Users\Slamak\Downloads\UPDATED PRICE LIST VYROBTESIPIVO 08.02.2017.pdf
2017-02-16 16:21 - 2017-02-16 16:32 - 1515676186 _____ C:\Users\Slamak\Downloads\vencep.avi
2017-02-16 16:13 - 2017-02-16 16:30 - 1651857408 _____ C:\Users\Slamak\Downloads\Star Trek Do neznáma.avi
2017-02-14 20:31 - 2017-02-14 21:02 - 1380786652 _____ C:\Users\Slamak\Downloads\Díra u Hanušovic 2014 CZ Film DVDRip.avi
2017-02-14 20:28 - 2017-02-14 20:52 - 1573277696 _____ C:\Users\Slamak\Downloads\Mist_i cz.avi
2017-02-14 20:27 - 2017-02-14 20:54 - 833598328 _____ C:\Users\Slamak\Downloads\Celebrity s.r.o-2016-cz.film-KOMEDIE.avi
2017-02-14 20:25 - 2017-02-14 20:45 - 1156334218 _____ C:\Users\Slamak\Downloads\Brainstorm (2008) _esko Komedie Drama Psychologický.avi
2017-02-14 10:24 - 2017-02-14 10:31 - 1067954768 _____ C:\Users\Slamak\Downloads\Bohema-5.dil-6-Vyhrat-za-kazdou-cenu---12.2.2017.avi
2017-02-13 15:18 - 2017-02-13 15:18 - 00108871 _____ C:\Users\Slamak\Downloads\FAKTURA-56091(1).pdf
2017-02-13 12:55 - 2017-02-13 12:55 - 00290332 _____ C:\Users\Slamak\Downloads\MSDS-Desam Solid (09-2015) Schulke.pdf
2017-02-12 18:58 - 2017-02-12 19:13 - 788600518 _____ C:\Users\Slamak\Downloads\Život-je-život--(cz-komedie-2015).avi
2017-02-12 15:17 - 2017-02-12 15:30 - 2135052994 _____ C:\Users\Slamak\Downloads\Spectre.2015.BRRip.XviD.AC3-RARBG.CZ.dub.avi
2017-02-11 21:16 - 2017-02-11 21:16 - 00108871 _____ C:\Users\Slamak\Downloads\FAKTURA-56091.pdf
2017-02-11 20:28 - 2017-02-12 20:05 - 641228800 _____ C:\Users\Slamak\Downloads\Vejška-Vejška (2014) Komedie.avi
2017-02-11 20:19 - 2017-02-11 22:20 - 973083570 _____ C:\Users\Slamak\Downloads\Učitelka-2016-CZ.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-13 19:45 - 2016-11-18 17:41 - 00000000 ____D C:\Users\Slamak\AppData\LocalLow\Mozilla
2017-03-13 16:37 - 2014-09-21 13:05 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\eM Client
2017-03-13 15:52 - 2014-01-12 13:41 - 00000000 ____D C:\Users\Slamak\Documents\Profit zálohy
2017-03-13 15:21 - 2013-12-29 08:50 - 00000000 ____D C:\Users\Slamak\Documents\exporty profit
2017-03-13 14:55 - 2015-07-30 12:28 - 00000000 ____D C:\Program Files (x86)\PROFIT
2017-03-13 11:37 - 2016-09-21 03:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-12 23:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-12 18:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-12 15:35 - 2014-02-11 20:05 - 00000000 ____D C:\Users\Slamak\Documents\zalohy PROFIT
2017-03-12 14:35 - 2016-09-21 04:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-12 14:35 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-11 20:22 - 2016-09-21 04:05 - 00000000 ____D C:\Users\Slamak
2017-03-10 21:29 - 2014-01-29 23:09 - 00000000 ___SD C:\Users\Slamak\Documents\My Web Sites
2017-03-10 21:27 - 2014-09-29 08:31 - 00000000 ____D C:\Users\Slamak\AppData\LocalLow\Temp
2017-03-10 21:12 - 2016-10-02 10:02 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-10 13:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-09 14:30 - 2016-09-21 04:34 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-03-09 14:30 - 2016-09-21 04:34 - 00002932 _____ C:\WINDOWS\System32\Tasks\Program k provádění aktualizací online Adobe
2017-03-09 14:26 - 2013-10-12 21:31 - 00000000 ____D C:\Users\Slamak\AppData\Local\CrashDumps
2017-03-09 13:12 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-09 12:40 - 2013-10-05 13:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-09 12:29 - 2014-10-18 16:12 - 00000000 ____D C:\Users\Slamak\Documents\eM Client
2017-03-09 12:20 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-09 06:45 - 2016-05-29 21:30 - 00071809 _____ C:\Users\Slamak\Desktop\Pivni_vypocty2.ods
2017-03-09 01:17 - 2015-06-01 21:01 - 13182528 _____ (Intel Corporation) C:\WINDOWS\system32\igd10umd64.dll
2017-03-09 01:17 - 2015-06-01 21:01 - 11460448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 09025672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 05382856 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2017-03-09 01:16 - 2015-06-01 21:00 - 00463960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2017-03-09 01:16 - 2015-06-01 21:00 - 00456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2017-03-09 01:16 - 2015-06-01 21:00 - 00420960 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2017-03-09 01:16 - 2015-06-01 21:00 - 00193112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2017-03-09 01:16 - 2015-06-01 21:00 - 00128648 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 00112264 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 00082056 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.dll
2017-03-08 20:52 - 2013-10-05 14:12 - 00000000 ____D C:\Users\Slamak\Documents\Dokumenty Eshop
2017-03-08 13:50 - 2014-09-24 20:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-07 19:42 - 2014-11-16 21:45 - 00000000 ____D C:\Program Files\trend micro
2017-03-07 12:16 - 2014-06-27 19:35 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Oracle
2017-03-06 18:02 - 2013-10-05 14:32 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\FileZilla
2017-03-06 18:01 - 2013-10-05 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-03-06 18:01 - 2013-10-05 14:32 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2017-03-06 12:15 - 2014-12-20 21:12 - 00000000 ___RD C:\Users\Slamak\Documents\Scanned Documents
2017-03-04 13:15 - 2015-02-25 18:13 - 00000000 ____D C:\ProgramData\AlawarWrapper
2017-03-04 10:20 - 2014-09-12 20:51 - 00000000 ____D C:\FOTOONLINE
2017-03-03 21:47 - 2014-12-26 06:16 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-03 20:25 - 2014-12-13 12:24 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-03 20:14 - 2016-01-08 08:18 - 00004608 _____ C:\6XSourceFilter.grf
2017-03-03 13:58 - 2017-01-26 19:40 - 00028200 _____ C:\Users\Slamak\Desktop\Nákupy.ods
2017-03-02 23:39 - 2016-09-21 04:34 - 00003188 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-02 23:35 - 2013-10-22 19:50 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Skype
2017-03-02 23:35 - 2013-10-05 17:54 - 00000000 ____D C:\Users\Slamak\AppData\Local\Microsoft Help
2017-03-02 23:35 - 2012-11-22 13:05 - 00000000 ____D C:\ProgramData\Temp
2017-03-02 23:34 - 2016-09-21 04:55 - 00000000 ___DC C:\WINDOWS\Panther
2017-03-02 23:34 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-03-02 22:50 - 2014-05-17 16:17 - 00000000 ____D C:\Users\Slamak\AppData\Local\AVG
2017-03-02 22:47 - 2013-12-27 07:47 - 00000000 ____D C:\ProgramData\AVG
2017-03-02 20:21 - 2016-06-15 17:24 - 00000000 ____D C:\temp
2017-03-02 20:19 - 2016-09-21 04:34 - 00004012 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1453580228
2017-03-02 20:19 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-02 20:19 - 2016-01-23 21:17 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-02 20:00 - 2015-09-24 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-03-02 20:00 - 2015-09-24 18:49 - 00000000 ____D C:\Program Files (x86)\7-Zip
2017-03-02 19:44 - 2014-12-26 06:19 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-02 19:43 - 2016-02-24 08:26 - 00461640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-03-02 19:43 - 2015-03-08 12:36 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-02 19:43 - 2014-12-26 06:19 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-01 10:57 - 2013-10-05 13:37 - 00001228 _____ C:\Users\Slamak\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2017-03-01 00:02 - 2013-10-05 22:37 - 00000000 ____D C:\Users\Slamak\Documents\ESHOP
2017-02-28 07:08 - 2014-08-25 07:57 - 00000000 ____D C:\Users\Slamak\AppData\Local\Adobe
2017-02-28 07:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-28 07:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-27 07:43 - 2016-11-03 14:47 - 00000287 _____ C:\Users\Slamak\Desktop\Nový textový dokument (2).txt
2017-02-27 06:48 - 2012-11-22 13:04 - 00000000 ____D C:\Program Files (x86)\NTI
2017-02-27 06:48 - 2012-11-22 13:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-27 06:43 - 2014-12-24 19:39 - 00000000 ____D C:\Garmin
2017-02-27 06:42 - 2013-10-22 19:50 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 06:40 - 2014-05-29 14:00 - 00000000 ____D C:\ProgramData\Nero
2017-02-27 06:35 - 2017-01-30 22:06 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Foxit Software
2017-02-27 06:35 - 2014-12-29 10:17 - 00000000 ___RD C:\Users\Slamak\OneDrive
2017-02-27 06:34 - 2017-01-30 22:06 - 00000000 ____D C:\ProgramData\Foxit Software
2017-02-24 15:17 - 2017-01-02 19:21 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Bitcoin
2017-02-24 14:36 - 2015-07-30 12:28 - 00001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PROFIT.lnk
2017-02-24 14:36 - 2015-07-30 12:28 - 00001052 _____ C:\Users\Public\Desktop\PROFIT.lnk
2017-02-24 14:36 - 2015-07-30 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LPsoft PROFIT
2017-02-24 07:24 - 2013-11-02 18:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 07:19 - 2013-11-02 18:58 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 18:38 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 13:41 - 2016-04-13 18:39 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2014-03-05 20:33 - 2014-05-21 19:10 - 0000056 _____ () C:\Users\Slamak\AppData\Local\Images.fl
2014-01-11 19:50 - 2016-09-11 18:29 - 0007602 _____ () C:\Users\Slamak\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

Light Image Resizer 4.0.4.3 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.3 - ObviousIdea)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Slamak\Desktop" je 39 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

[slamax]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2017
Ran by Slamak (13-03-2017 19:52:59)
Running from C:\Users\Slamak\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-21 03:53:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3621977129-2832859686-462106091-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3621977129-2832859686-462106091-503 - Limited - Disabled)
Guest (S-1-5-21-3621977129-2832859686-462106091-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3621977129-2832859686-462106091-1003 - Limited - Enabled)
Slamak (S-1-5-21-3621977129-2832859686-462106091-1001 - Administrator - Enabled) => C:\Users\Slamak

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM-x32\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
AC-3 ACM Codec 2.2 (HKLM-x32\...\AC3ACM) (Version: 2.2 - fccHandler)
AC-3 ACM Codec x64 2.2 (HKLM\...\AC3ACM) (Version: 2.2 - fccHandler)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3015 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Akrem studio (HKLM-x32\...\Akrem studio_Akrem studio) (Version: - )
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.4 - Arduino LLC)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.74.1 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
BlazeHDTV 6.0 (HKLM-x32\...\BlazeHDTV 6.0_is1) (Version: - )
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.96 - Broadcom Corporation)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
Brother MFL-Pro Suite DCP-7055W (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3112 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}) (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - CZ (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.1 - Corel Corporation) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
CzechRep_by_Dave_Luv (HKLM-x32\...\CzechRep_by_Dave_Luv) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Electrum (HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Electrum) (Version: 2.7.18 - Electrum Technologies GmbH)
eM Client (HKLM-x32\...\{2A4CAF55-4B18-4B61-BE9E-94A54209F547}) (Version: 7.0.27943.0 - eM Client Inc.)
FileZilla Client 3.24.1 (HKLM-x32\...\FileZilla Client) (Version: 3.24.1 - Tim Kosse)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FOTOKNIHY ONLINE (HKLM-x32\...\FOTOKNIHY ONLINE_FOTOKNIHY ONLINE) (Version: - )
Freemake Video Converter verze 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.12.5268 - Gretech Corporation)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
K-Lite Mega Codec Pack 11.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.5 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Light Image Resizer 4.0.4.3 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.3 - ObviousIdea)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8102 - Acer Incorporated)
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 cs)) (Version: 52.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.0.6270 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8309 - MyHeritage.com)
Noční můra z hlubin: Volání Sirény (HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Noční můra z hlubin: Volání Sirény) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
NVIDIA PhysX v8.05.26 (HKLM-x32\...\{11AE6807-50D2-4F59-82B3-2C3E695E94C2}) (Version: 8.05.26 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3202 - Acer)
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
PlayDance verze 1.0.980 (HKLM-x32\...\{EC8642E4-7CE3-4379-9114-6E34DEF98D58}_is1) (Version: 1.0.980 - VISO SPORT s.r.o.)
PROFIT 2017.02 (HKLM-x32\...\{670A9A20-E29D-40C3-9937-2AFF89C3AC82}_is1) (Version: - LPsoft)
ProgDVB (HKLM-x32\...\ProgDVB) (Version: 7.x - Prog)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.561 (x32 Version: 3.55.2393.561 - Avast Software) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version: - )
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.12 - StepMania)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC Codec Pack 2.0.5 (HKLM-x32\...\VLC - Codec Pack) (Version: 2.0.5 - VLC Codec Pack)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07A00522-35A8-4318-B4F9-58BCA82B4C36} - System32\Tasks\{181CE5D4-D103-47A7-9F24-61B5D5C555D7} => pcalua.exe -a C:\Users\Slamak\Downloads\DDRinstall.exe -d C:\Users\Slamak\Downloads
Task: {1350A46E-6849-45AB-89F5-E8828B4AF74A} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {17660AAA-27C1-41C3-BAC5-ECE9E2DAFC4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {22836ED9-6809-4E92-885D-2A28D0D37D49} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {2295B629-0AA4-49AC-AC9A-EB6EF400D834} - System32\Tasks\SafeZone scheduled Autoupdate 1453580228 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-02-15] (Avast Software)
Task: {2B7492F1-AF9E-41CE-B94C-BC7B98EAEAEB} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2016-07-06] ()
Task: {30CEB371-1E08-4188-8984-BCBF880E86C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-28] (Adobe Systems Incorporated)
Task: {32FD5AA6-2DB8-4649-80F0-3D4AC5D8902A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {39A9F29C-FF8C-4356-AE0E-F09700CA4A9C} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {3A94C1D7-491B-4481-8490-783C66B364D0} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2016-07-06] ()
Task: {40A9C6E6-7422-4660-9971-5FC1201A25FC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-02] (AVAST Software)
Task: {585EC883-F50D-4365-8BB2-421EA561C8F9} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {61BD3CD7-ABE6-444C-AAA2-C5A66B123018} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2016-10-21] ()
Task: {6C6256BD-8C35-4E21-B9EC-1B8157A45CCC} - System32\Tasks\{EDB6CCAF-7385-4F0D-81BB-3907F76463EA} => pcalua.exe -a "C:\Program Files (x86)\WildGames\Uninstall.exe"
Task: {7510DD46-9F1F-47BC-AC21-68BF7D20F90F} - System32\Tasks\{46AC75F9-7279-44FE-B6C8-0D1DB47FE976} => pcalua.exe -a C:\Users\Slamak\Downloads\AZ_AlbumMaker_setup(1).exe -d C:\Users\Slamak\Downloads
Task: {880E63BE-025F-4980-99B1-BE34455CFCF1} - System32\Tasks\{1A614DCE-B283-40EF-8D8F-3F54D8AD6629} => pcalua.exe -a "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" -c scenario=install baseurl="C:\Program Files\Microsoft Office 15" platform=x86 version=15.0.4719.1002 culture=cs-cz productstoremove=O365HomePremRetail_cs-cz_x-none
Task: {C71FF138-48D9-46A8-8610-ADB2640C55D5} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {C836D59B-3725-4582-A701-1D3602BD53BD} - System32\Tasks\avastBCLRestartS-1-5-21-3621977129-2832859686-462106091-1001 => Firefox.exe
Task: {E2645371-307B-4252-8393-D1F4C609C258} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {E404C4BD-2ED7-422E-8E53-5374AFFC1D98} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E79DD6A7-60B0-4E62-BBCB-2D65C360B4B9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-24] (Microsoft Corporation)
Task: {F477C497-7AE6-4D99-ABC8-1ED9726E8AF6} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Slamak\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
Shortcut: C:\Users\Slamak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania\Go To StepMania web site.lnk -> hxxp://www.stepmania.com

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 07:36 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-14 07:36 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 07:36 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-03-28 19:07 - 2016-03-28 19:07 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-21 22:03 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 20:43 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 20:43 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 20:43 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 20:43 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 20:43 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 20:43 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 21:00 - 2017-03-09 01:16 - 00112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-02-15 15:51 - 2017-02-15 15:51 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2012-11-03 01:38 - 2012-11-03 01:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2013-02-08 21:09 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2017-03-02 19:44 - 2017-03-02 19:44 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-03 13:08 - 2016-07-03 13:08 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-02 19:43 - 2017-03-02 19:43 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-02 19:44 - 2017-03-02 19:44 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-02 22:45 - 2017-03-02 22:44 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2017-03-09 19:25 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Slamak\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.154.240.3 - 10.154.240.66
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "Acer Backup Manager Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "RadioController"
HKLM\...\StartupApproved\Run32: => "NtVdmSrv"
HKLM\...\StartupApproved\Run32: => "LManager"
HKLM\...\StartupApproved\Run32: => "Monitor"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "Family Tree Builder Update"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "ProgLauncher"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "GEN"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DA525EAC-6852-482F-AA63-74E18CFA687B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{983CF36B-CB3D-4385-971B-FD79973B6783}] => (Allow) LPort=1900
FirewallRules: [{C20889E0-6A14-404A-BE8A-6309D99072A4}] => (Allow) LPort=2869
FirewallRules: [{9431EEC7-ED77-47CF-A15D-FF8F6E28B0B1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{1EF1063B-344D-4257-81B2-F94ECA4C15BB}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{54DC1741-7570-4420-B713-C0B174C039A9}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{3BCF9347-E346-46E0-B33F-A4BC67D2A2EF}] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{064AD829-5C27-47EF-AE3D-2FC9FA0C2312}] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{7B39F568-61F0-4193-875D-D29EFB358C9F}] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [{13F9C526-59E9-4DE2-BA2C-2320D4C8DBD7}] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{99F5D564-1C52-4ED1-90FF-F546A28BC91E}E:\xampp\apache\bin\httpd.exe] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{4CD18BA7-7FEA-4FC5-9849-F5C422EECF5C}E:\xampp\apache\bin\httpd.exe] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{209C1F0F-6329-458A-B4A6-7DD85D1F1A77}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{A9789E06-29D9-4BCA-AC6E-1484948C3FFD}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{76C5B11D-E3B1-4EA6-9084-3A45E83D0B0E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{54138E86-28AE-4ED8-8835-64438D0A2B9D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{7C0852DB-1D41-4918-AFCA-448A793918F7}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{E2CD2A1C-03FB-455B-9231-AC5C53314E76}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{9842AC32-6485-453D-8FFC-A38E68AE5A84}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{49D6C8F0-2D7A-42CB-86BB-547F812FEF5C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{E8C9F16C-DD0C-45EC-B7CE-D1FA42A123A6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{B98B703E-E1A4-4826-A256-1E06246CFF86}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{4438A42E-CA01-487A-A81F-96AD350C6535}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{A85D8387-645E-44E9-94E1-34AA456EB606}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{BFCFDD45-68EB-4105-8726-73306E3B622A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{33049DF9-DBBD-4769-9505-68649786D112}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{1DCA56D4-AD07-48B8-8297-ABD1F86884C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{DDC7E40F-1333-444F-B1B6-E83D9E46BDD7}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{0765CE9F-2F1D-46EF-BA2D-8035F6F32525}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{787E5484-3AEB-4774-A241-823C0F3D7FC3}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{BE1DCC74-2862-4763-B8E4-73A2264E94C1}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{5CEF367C-579E-4CA3-8269-AA0A5F195804}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{93A5B1E3-0F5F-41E7-AEED-71D9A29FE05E}] => (Allow) LPort=54925
FirewallRules: [{ED95B026-8EE2-48BA-A20C-78F41E095F3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B889CF8-37E5-4CC8-A046-2198B81E3151}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3F197BA-31E7-477E-9BB3-4180D5FEAA98}] => (Allow) C:\Program Files (x86)\Hry.cz\Nightmares from the Deep The Sirens Call\Nocnimurazhlubin_VolaniSireny.exe
FirewallRules: [TCP Query User{82F58A0E-8AC8-483F-85FE-1DD266BB7CF0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{328DF6A7-3A5F-49FD-9071-2666B4016B18}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B1029764-1F37-4419-9554-D6C613B735F8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EA82611E-15D4-4328-8C80-B987426B92D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63BEB568-CDE7-4A80-98B3-911641C9829E}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{30CB0268-27E1-4B48-B980-938917BA621B}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{FE085ABC-22CA-4390-8736-2CA26E883E36}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{952311B2-4BB1-4F48-912D-75986740EF7F}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{6853868E-3294-4265-B6FC-0B31B1EEAF5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F6F4E9A0-1709-4F31-9BD2-A1E011E8D7EE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/13/2017 07:54:51 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
] došlo k chybě.


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
Dotaz na stínové kopie

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Kontext snímku: 13
Kontext snímku: 13
Kontext spuštění: Coordinator

Error: (03/13/2017 07:54:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} a názvem SW_PROV nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
Dotaz na stínové kopie

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Kontext snímku: 13
Kontext snímku: 13
Kontext spuštění: Coordinator

Error: (03/13/2017 04:32:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamservice.exe, verze: 3.1.0.415, časové razítko: 0x5881b7a1
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x5825887f
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002f7db
ID chybujícího procesu: 0x998
Čas spuštění chybující aplikace: 0x01d29b3593358951
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: c33f555b-f0c3-432a-ae7b-4de40e6640cd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/12/2017 08:36:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5369fdea
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.14393.479, časové razítko: 0x58256d37
Kód výjimky: 0xe0434352
Posun chyby: 0x000da832
ID chybujícího procesu: 0x470
Čas spuštění chybující aplikace: 0x01d29b3592c57f4e
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 0f7f6404-fb26-48df-9c12-9c84fde5ac15
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/12/2017 08:36:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentException
na System.Security.Principal.SecurityIdentifier..ctor(System.String)
na FreemakeUtilsService.Common.ToolbarInstallationChecker.GetSidToUsernameDictionary()
na FreemakeUtilsService.Common.ToolbarInstallationChecker.CheckInfo(FreemakeUtilsService.Common.FreemakeToolbarsInfo)
na FreemakeUtilsService.Statistics.Manager.StartToolbarInfoCheck()
na FreemakeUtilsService.Statistics.Manager.SettingsSyncFailed(System.Object, System.EventArgs)
na FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (03/11/2017 07:03:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5369fdea
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.14393.479, časové razítko: 0x58256d37
Kód výjimky: 0xe0434352
Posun chyby: 0x000da832
ID chybujícího procesu: 0x7b4
Čas spuštění chybující aplikace: 0x01d299dab9b03b0e
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 9b232c7f-83ca-456d-93b0-81823692eb21
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/11/2017 07:03:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentException
na System.Security.Principal.SecurityIdentifier..ctor(System.String)
na FreemakeUtilsService.Common.ToolbarInstallationChecker.GetSidToUsernameDictionary()
na FreemakeUtilsService.Common.ToolbarInstallationChecker.CheckInfo(FreemakeUtilsService.Common.FreemakeToolbarsInfo)
na FreemakeUtilsService.Statistics.Manager.StartToolbarInfoCheck()
na FreemakeUtilsService.Statistics.Manager.SettingsSyncFailed(System.Object, System.EventArgs)
na FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (03/11/2017 11:35:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SlamakAcer)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/10/2017 08:11:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SlamakAcer)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/10/2017 08:07:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: avgsvca.exe, verze: 1.143.2.51391, časové razítko: 0x584680fd
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.14393.0, časové razítko: 0x578997b5
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000110dd
ID chybujícího procesu: 0x7b0
Čas spuštění chybující aplikace: 0x01d2999cd9aa8f2a
Cesta k chybující aplikaci: C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: ed1cd670-7c12-4db2-befc-9855c85afed2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/13/2017 07:45:53 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba aswbIDSAgent skončila s následující chybou specifickou pro službu:
%%3758213661

Error: (03/13/2017 04:37:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2017 04:32:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Malwarebytes Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/13/2017 04:31:13 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba aswbIDSAgent skončila s následující chybou specifickou pro službu:
%%3758213661

Error: (03/13/2017 01:43:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2017 01:08:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2017 11:37:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2017 07:07:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2017 06:29:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2017 12:04:26 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 48%
Total physical RAM: 3909.28 MB
Available physical RAM: 1996.26 MB
Total Virtual: 10063.01 MB
Available Virtual: 7993.98 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:911.75 GB) (Free:356.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4B1BB8FD)

Partition: GPT.

==================== End of Addition.txt ============================

[Kodlz]

opet vytvor TXT soubor, ktery pojmenujes fixlist.txt a do nej vloz nasledujici text:

( Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopíruj).

start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:

HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [GEN] => "C:\Users\Slamak\AppData\Local\Programs\GEN\GEN.exe"
C:\Users\Slamak\AppData\Local\Programs\GEN\GEN.exe
U3 kwlcruod; C:\Users\Slamak\AppData\Local\Temp\kwlcruod.sys [56584 2017-03-13] (GMER) [File not signed] <==== ATTENTION
Task: {22836ED9-6809-4E92-885D-2A28D0D37D49} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {C71FF138-48D9-46A8-8610-ADB2640C55D5} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {E404C4BD-2ED7-422E-8E53-5374AFFC1D98} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "GEN"
end

[slamax]

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-03-2017
Ran by Slamak (14-03-2017 19:20:22) Run:2
Running from C:\Users\Slamak\Desktop
Loaded Profiles: Slamak (Available Profiles: Slamak)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:

HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [GEN] => "C:\Users\Slamak\AppData\Local\Programs\GEN\GEN.exe"
C:\Users\Slamak\AppData\Local\Programs\GEN\GEN.exe
U3 kwlcruod; C:\Users\Slamak\AppData\Local\Temp\kwlcruod.sys [56584 2017-03-13] (GMER) [File not signed] <==== ATTENTION
Task: {22836ED9-6809-4E92-885D-2A28D0D37D49} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {C71FF138-48D9-46A8-8610-ADB2640C55D5} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {E404C4BD-2ED7-422E-8E53-5374AFFC1D98} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "GEN"
end
*****************

Error: (0) Failed to create a restore point.
Processes closed successfully.
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GEN => value removed successfully
"C:\Users\Slamak\AppData\Local\Programs\GEN\GEN.exe" => not found.
HKLM\System\CurrentControlSet\Services\kwlcruod => key removed successfully
kwlcruod => service removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22836ED9-6809-4E92-885D-2A28D0D37D49} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22836ED9-6809-4E92-885D-2A28D0D37D49} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C71FF138-48D9-46A8-8610-ADB2640C55D5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C71FF138-48D9-46A8-8610-ADB2640C55D5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E404C4BD-2ED7-422E-8E53-5374AFFC1D98} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E404C4BD-2ED7-422E-8E53-5374AFFC1D98} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\GEN => value removed successfully
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GEN => value not found.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 57009114 B
Java, Flash, Steam htmlcache => 991 B
Windows/system/drivers => 15389222 B
Edge => 0 B
Chrome => 0 B
Firefox => 375589159 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 16322 B
NetworkService => 0 B
Slamak => 37945674 B

RecycleBin => 268207 B
EmptyTemp: => 463.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:23:00 ====

[Kodlz]

jak se chova pc?

[slamax]

No, vypadá to OK.

[slamax]

TAk přece něco. Když spustím kalkulačku, nelze na ni psát num. klávesnicí, jen kliky myší.
Taky nejde psát do kolonky vyhledávání ve Win 10, ani písmena ani číslice.

[Kodlz]

prvne ti zkusim zprovoznit restore pointy na windowsech, ktere jsou nejspis blokovane nejspis nejakou 3ti aplikaci.
original link

1. dej Start->nech si vyhledat REGEDIT a spusti.
2. vyhleje ji nasledujici klic:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\swprv\Parameters

poznamka: Pokud Parameters registry klic chybi, udelej nasledujici kroky:
Pravym mysitkem klikni na swprv , novy->vyber KLIC-> pojmenuj ho Parameters -> enter

3. Once the Parameters registry key is selected, verify that the ServiceDll registry value has the following value:
3. Over, ze klic Parameters ma v hodnote ServiceDll zaznam:

%Systemroot%\System32\swprv.dll

poznamka: Jestli hodnota ServiceDll chybi udelej nasledujici kroky:

a. Prave mysitko na Parameters -> vyber NOVY, vyber Expandable String Value (REG_EXPAND_SZ).
b. pojmenuj ServiceDll -> Enter.
c. Dvojklik na ServiceDll .
d. do kolonky DATA HODNOTY napis %Systemroot%\System32\swprv.dll , -> OK.



EDIT: Po tomto mi zkus dat jeste jednou LOGy z FRST.

[slamax]

Všechny záznamy byly na místě, nemusel jsem nic doplňovat.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Slamak (administrator) on SLAMAKACER (16-03-2017 19:10:28)
Running from C:\Users\Slamak\Desktop
Loaded Profiles: Slamak (Available Profiles: Slamak)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Slamak\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-02-08] (Dritek System Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-02] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [14517936 2016-07-14] (MyHeritage)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [24742760 2016-10-21] (eM Client s.r.o.)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [DAEMON Tools Lite] => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [ProgLauncher] => C:\Program Files (x86)\ProgDVB\ProgLauncher.exe [400584 2016-08-26] ()
IFEO\acpanel_win.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\dtlite.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\googledrivesync.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\myheritage.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\progdvbnet.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\progguide.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\progtv.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\skineditor.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\sptdinst-x64.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-11-22]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk [2013-11-26]
ShortcutTarget: TrayMenu.lnk -> C:\Windows\SysWOW64\C2MP\TrayMenu.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{5ebae234-8da9-4cf8-be43-1d89008d74f4}: [DhcpNameServer] 10.154.240.3 10.154.240.66
Tcpip\..\Interfaces\{f77bfe06-ae58-4493-81ba-fffbdc2587a6}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope {6A9BB02B-2030-4929-AE57-F965133B84E3} URL =
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621977129-2832859686-462106091-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621977129-2832859686-462106091-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621977129-2832859686-462106091-1001 -> {6A9BB02B-2030-4929-AE57-F965133B84E3} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-12] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default [2017-03-16]
FF user.js: detected! => C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\user.js [2017-03-02]
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\gjyzp0az.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\gjyzp0az.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\gjyzp0az.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\gjyzp0az.default -> hxxps://www.seznam.cz/
FF Extension: (Avast Passwords) - C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2017-02-10]
FF Extension: (Password Exporter) - C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-03-12]
FF SearchPlugin: C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\searchplugins\seznam-avast.xml [2015-02-17]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-28] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13906
CHR StartupUrls: Default -> "hxxp://websearch.just-browse.info/"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxps://www.google.com/search?q={searchTerms}&i ... hannel=rcs
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default [2017-03-10]
CHR Extension: (CacheList) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2016-11-09]
CHR Extension: (Dokumenty Google) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Disk Google) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-10]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-10]
CHR Extension: (YouTube) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Avast Online Security) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-12-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-10]
CHR Extension: (Avast Passwords) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-02-15]
CHR Extension: (Avast SafePrice) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-10]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-10]
CHR Extension: (Save the Penguin) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinohkicpolgdfgajpflbaoimmnaeibb [2017-02-24]
CHR Extension: (Gmail) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-15]
CHR Extension: (Geoseznam) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkejgpgaflkeonkliblcplomemekogop [2016-07-06]
CHR HKU\S-1-5-21-3621977129-2832859686-462106091-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dogdoihocdkadpalbghcpfafbojcfofa] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-02] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-02] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-03-02] (AVAST Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
S4 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S4 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-26] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-07] (Freemake) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-02-08] (Dritek System INC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-02] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-02] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-02] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-02] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-02] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-03-02] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-02] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [461640 2017-03-02] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-02] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-02] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-02] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-03-02] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-02] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-02] (AVAST Software)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2016-07-16] (Broadcom Corporation)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (www.winchiphead.com)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-09-29] (Disc Soft Ltd)
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-02-08] (Dritek System Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-16 19:10 - 2017-03-16 19:11 - 00023021 _____ C:\Users\Slamak\Desktop\FRST.txt
2017-03-16 19:08 - 2017-03-16 19:10 - 02424832 _____ (Farbar) C:\Users\Slamak\Desktop\FRST64.exe
2017-03-16 19:08 - 2017-03-16 19:09 - 00112640 _____ (forum.viry.cz) C:\Users\Slamak\Desktop\FRSTLauncher.exe
2017-03-16 06:53 - 2017-03-16 06:53 - 00009141 _____ C:\Users\Slamak\Downloads\output(6).pdf
2017-03-16 06:52 - 2017-03-16 06:52 - 00074316 _____ C:\Users\Slamak\Downloads\zasilkovna-2017-03-16-1636.pdf
2017-03-16 06:41 - 2017-03-16 06:41 - 00000131 _____ C:\Users\Slamak\Downloads\objednavka_export_16-03-2017-06-41-46.csv
2017-03-16 06:39 - 2017-03-16 06:40 - 00002742 _____ C:\Users\Slamak\Downloads\ordersXML(2).xml
2017-03-15 19:28 - 2017-03-15 19:28 - 00409620 _____ C:\Users\Slamak\Downloads\Bulldog Brewer.pdf
2017-03-15 19:11 - 2017-03-15 19:11 - 00075674 _____ C:\Users\Slamak\Downloads\zasilkovna-2017-03-15-1327.pdf
2017-03-15 19:11 - 2017-03-15 19:11 - 00011002 _____ C:\Users\Slamak\Downloads\output(5).pdf
2017-03-15 15:30 - 2017-03-15 15:30 - 00000219 _____ C:\Users\Slamak\Downloads\objednavka_export_15-03-2017-15-30-33.csv
2017-03-15 15:20 - 2017-03-15 15:20 - 00007118 _____ C:\Users\Slamak\Downloads\ordersXML(1).xml
2017-03-15 11:17 - 2017-03-15 11:17 - 00492917 _____ C:\Users\Slamak\Downloads\manual_-_pivovar-sk(1).pdf
2017-03-15 11:16 - 2017-03-15 11:16 - 00492917 _____ C:\Users\Slamak\Downloads\manual_-_pivovar-sk.pdf
2017-03-15 09:07 - 2017-03-15 09:07 - 00015468 _____ C:\Users\Slamak\Downloads\ordersXML.xml
2017-03-14 23:28 - 2017-03-14 23:28 - 00158059 _____ C:\Users\Slamak\Downloads\EP.pdf
2017-03-14 21:28 - 2017-03-14 21:28 - 00080367 _____ C:\Users\Slamak\Downloads\449570776_0_RocniVypisROS.pdf
2017-03-14 21:22 - 2017-03-14 21:22 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-14 13:13 - 2017-03-14 13:13 - 00009252 _____ C:\Users\Slamak\Downloads\output(4).pdf
2017-03-13 20:09 - 2017-03-13 20:09 - 00009090 _____ C:\Users\Slamak\Downloads\output(3).pdf
2017-03-13 16:00 - 2017-03-13 16:00 - 00371282 _____ C:\Users\Slamak\Downloads\gmer(1).zip
2017-03-13 15:50 - 2017-03-13 15:50 - 00371282 _____ C:\Users\Slamak\Downloads\gmer.zip
2017-03-13 15:39 - 2017-03-13 15:39 - 00075257 _____ C:\Users\Slamak\Downloads\zasilkovna-2017-03-13-1791.pdf
2017-03-13 15:39 - 2017-03-13 15:39 - 00017313 _____ C:\Users\Slamak\Downloads\output(2).pdf
2017-03-13 07:03 - 2017-03-13 07:03 - 00009072 _____ C:\Users\Slamak\Downloads\output(1).pdf
2017-03-13 06:43 - 2017-03-13 06:43 - 00012949 _____ C:\Users\Slamak\Downloads\output.pdf
2017-03-12 16:55 - 2017-03-12 17:15 - 1731911076 _____ C:\Users\Slamak\Downloads\ostravak.ostravski.2016.480p.DVDRip.XVID.AC3.CZ.avi
2017-03-12 16:52 - 2017-03-12 17:27 - 981307392 _____ C:\Users\Slamak\Downloads\Prichozi - Arrival (2016)_cz dab.avi.part
2017-03-12 15:16 - 2017-03-12 15:16 - 00075639 _____ C:\Users\Slamak\Downloads\zasilkovna-2017-03-12-1103.pdf
2017-03-11 20:07 - 2017-03-11 20:07 - 00425906 _____ C:\Users\Slamak\Downloads\483507292.pdf
2017-03-11 20:02 - 2017-03-11 20:02 - 00569168 _____ C:\Users\Slamak\Downloads\489734385.pdf
2017-03-11 20:01 - 2017-03-11 20:01 - 00430352 _____ C:\Users\Slamak\Downloads\486648024.pdf
2017-03-10 21:12 - 2017-03-10 21:13 - 00387172 _____ C:\WINDOWS\Minidump\031017-30937-01.dmp
2017-03-10 21:12 - 2017-03-10 21:12 - 588130465 _____ C:\WINDOWS\MEMORY.DMP
2017-03-10 19:11 - 2017-03-10 19:12 - 00359501 _____ C:\Users\Slamak\Downloads\14436469(1).pdf
2017-03-10 19:08 - 2017-03-10 19:10 - 00359501 _____ C:\Users\Slamak\Downloads\14436469.pdf
2017-03-10 17:13 - 2017-03-08 12:46 - 00025237 _____ C:\Users\Slamak\Desktop\2017-02-28T02-02 Transakce č. 1055832024528472-2355991.pdf
2017-03-10 17:11 - 2017-03-10 17:12 - 00022726 _____ C:\Users\Slamak\Downloads\2017-02-01–2017-02-28_Transakce(1).zip
2017-03-10 13:43 - 2017-03-10 13:48 - 00000000 ____D C:\AdwCleaner
2017-03-09 20:28 - 2017-03-10 07:18 - 00000000 ____D C:\Users\Slamak\Desktop\tisk
2017-03-09 13:30 - 2017-03-16 19:10 - 00000000 ____D C:\FRST
2017-03-09 13:12 - 2017-03-09 13:12 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-09 13:12 - 2017-03-09 13:12 - 00000000 ____D C:\Intel
2017-03-09 07:24 - 2017-03-09 07:24 - 00052736 _____ C:\Users\Slamak\Downloads\GOPAY_112643542-170130-170205.xls
2017-03-09 07:07 - 2017-03-09 07:07 - 00471823 _____ C:\Users\Slamak\Downloads\171019421(1).pdf
2017-03-09 07:06 - 2017-03-09 07:06 - 00471991 _____ C:\Users\Slamak\Downloads\171010674.pdf
2017-03-09 07:06 - 2017-03-09 07:06 - 00471668 _____ C:\Users\Slamak\Downloads\171013755.pdf
2017-03-09 07:06 - 2017-03-09 07:06 - 00470862 _____ C:\Users\Slamak\Downloads\171016549(1).pdf
2017-03-09 01:17 - 2017-03-09 01:17 - 12935296 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 11330576 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 01086408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00975184 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00558728 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00553424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00242800 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00206000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00051184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 13046920 _____ (Intel Corporation) C:\WINDOWS\system32\ig4icd64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 10829448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig4icd32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 05925984 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 03529352 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 03139208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00593544 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00560776 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00536664 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00460936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00458376 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457352 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457344 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455304 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455304 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00453768 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00453768 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00450184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00449160 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00447112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00446600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00428680 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00402568 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00348808 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00304264 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00300128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00276064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00206944 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00193160 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00160392 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00145032 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2017-03-09 01:16 - 2017-03-09 01:16 - 00134280 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4459.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00119432 _____ C:\WINDOWS\system32\igdde64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00099464 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00043144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00027784 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2017-03-08 21:46 - 2017-03-08 21:46 - 00022725 _____ C:\Users\Slamak\Downloads\2017-02-01–2017-02-28_Transakce.zip
2017-03-08 21:19 - 2017-03-09 19:30 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2017-03-08 20:52 - 2017-03-08 20:52 - 00001284 _____ C:\Users\Slamak\Desktop\Faktury přijaté 2017 – zástupce.lnk
2017-03-08 20:51 - 2017-03-08 20:51 - 00001194 _____ C:\Users\Slamak\Desktop\Texty shop – zástupce.lnk
2017-03-07 19:42 - 2017-03-07 19:42 - 00000000 ____D C:\rsit
2017-03-07 12:16 - 2017-03-07 12:16 - 00000000 ____D C:\Users\Slamak\fUTkALeaTxM
2017-03-07 08:35 - 2017-03-07 08:35 - 00472563 _____ C:\Users\Slamak\Downloads\171022412.pdf
2017-03-06 18:01 - 2017-03-06 18:01 - 00000000 ____D C:\Users\Slamak\AppData\Local\FileZilla
2017-03-06 17:03 - 2017-03-06 17:03 - 00206521 _____ C:\Users\Slamak\Downloads\492092659.PDF
2017-03-06 17:02 - 2017-03-06 17:02 - 00089630 _____ C:\Users\Slamak\Downloads\492092658.PDF
2017-03-06 15:07 - 2017-03-06 15:11 - 00272470 _____ C:\Users\Slamak\Documents\kaplicka v opre.odt
2017-03-04 23:17 - 2017-03-04 23:17 - 00148566 _____ C:\Users\Slamak\Downloads\T8940540.pdf
2017-03-04 20:49 - 2017-03-04 20:50 - 01185889 _____ C:\Users\Slamak\Downloads\2015_Guidelines_Beer.pdf
2017-03-04 16:43 - 2017-03-04 16:58 - 1900460032 _____ C:\Users\Slamak\Downloads\Jokri.avi
2017-03-04 16:42 - 2017-03-04 16:49 - 824785610 _____ C:\Users\Slamak\Downloads\Zilionáři-2016-cz-dab.,super-kvalita.avi
2017-03-04 12:45 - 2017-03-04 12:51 - 914463076 _____ C:\Users\Slamak\Downloads\(cetnici-z-luhacovic)-09-dopis-ze-zahrobi--16'--DVBT_CZ-(romin).avi
2017-03-03 12:49 - 2017-03-03 12:49 - 00362130 _____ C:\Users\Slamak\Downloads\cenik-italie-novy.pdf
2017-03-02 23:36 - 2017-03-07 20:34 - 00003154 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-03-02 22:50 - 2017-03-02 22:50 - 00002594 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-03-02 22:50 - 2017-02-21 09:29 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-03-02 22:47 - 2017-03-02 22:47 - 00000979 _____ C:\Users\Slamak\Desktop\zalohy PROFIT – zástupce.lnk
2017-03-02 22:47 - 2017-03-02 22:47 - 00000943 _____ C:\Users\Public\Desktop\AVG.lnk
2017-03-02 22:47 - 2017-03-02 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-03-02 22:45 - 2017-03-15 21:01 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-03-02 22:45 - 2017-03-02 22:50 - 00000000 ____D C:\Program Files (x86)\AVG
2017-03-02 22:44 - 2017-03-02 23:48 - 00000000 ____D C:\Users\Slamak\AppData\Local\AvgSetupLog
2017-03-02 20:32 - 2017-03-02 20:36 - 773026364 _____ C:\Users\Slamak\Downloads\Bezva ženska na krku .2016 komedie cz avi.avi
2017-03-02 19:45 - 2017-03-06 10:37 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-03-02 19:45 - 2017-03-02 19:43 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-03-02 19:45 - 2017-03-02 19:43 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-03-02 19:45 - 2017-03-02 19:43 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-03-02 19:45 - 2017-03-02 19:43 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-03-02 19:44 - 2017-03-02 19:44 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-01 10:53 - 2017-03-01 10:53 - 00216324 _____ C:\Users\Slamak\Downloads\newsletter_3.pdf
2017-03-01 01:56 - 2017-03-01 01:56 - 00085710 _____ C:\Users\Slamak\Downloads\Obchodni podminky www.vyrobtesipivo.cz(1).pdf
2017-03-01 00:14 - 2012-01-19 02:27 - 00000000 ____D C:\Users\Slamak\Documents\tni_product_reviews
2017-03-01 00:11 - 2017-03-01 00:11 - 00012813 _____ C:\Users\Slamak\Downloads\tni_product_reviews RECENZE.zip
2017-02-28 23:17 - 2017-02-28 23:17 - 00402839 _____ C:\Users\Slamak\Downloads\sanicleantl.pdf
2017-02-28 22:26 - 2017-02-28 22:26 - 00305226 _____ C:\Users\Slamak\Downloads\PBW_SDS_EN.pdf
2017-02-28 22:26 - 2017-02-28 22:26 - 00238727 _____ C:\Users\Slamak\Downloads\Star_San_HB_SDS_EN.pdf
2017-02-28 21:56 - 2017-02-28 21:56 - 00471823 _____ C:\Users\Slamak\Downloads\171019421.pdf
2017-02-28 16:32 - 2017-02-28 16:33 - 176296836 _____ C:\Users\Slamak\Downloads\RINO-–-Příběh-špióna.part2.rar
2017-02-28 16:31 - 2017-02-28 16:46 - 2086666240 _____ C:\Users\Slamak\Downloads\RINO-–-Příběh-špióna.part1.rar
2017-02-27 19:24 - 2017-02-27 19:24 - 00050584 _____ C:\Users\Slamak\Downloads\4117048648.pdf
2017-02-27 19:24 - 2017-02-27 19:24 - 00048491 _____ C:\Users\Slamak\Downloads\4017047847.pdf
2017-02-27 19:21 - 2017-02-27 19:21 - 00050611 _____ C:\Users\Slamak\Downloads\4117048644.pdf
2017-02-27 19:21 - 2017-02-27 19:21 - 00048203 _____ C:\Users\Slamak\Downloads\4017047844.pdf
2017-02-27 16:14 - 2017-02-27 16:14 - 00003004 _____ C:\Users\Slamak\Downloads\438894670_1_Autentizační údaje(2).pdf
2017-02-27 11:41 - 2017-02-27 11:42 - 00020893 _____ C:\Users\Slamak\Desktop\Order Stanislav Krejci - vyrobtesipivo.cz.ods
2017-02-27 10:36 - 2017-02-27 10:36 - 00235513 _____ C:\Users\Slamak\Desktop\Brouwland_price_list_C20_July_2016_EN.xlsx
2017-02-25 21:04 - 2017-02-25 21:05 - 00530051 _____ C:\Users\Slamak\Downloads\Cenik-01012017.pdf
2017-02-24 19:35 - 2017-02-24 19:36 - 00061322 _____ C:\Users\Slamak\Downloads\050.270.8 en 050.514.9_SPEC_EN_Bavarian Wheat M20.pdf
2017-02-24 19:35 - 2017-02-24 19:35 - 00083215 _____ C:\Users\Slamak\Downloads\050.270.8.pdf
2017-02-24 15:39 - 2017-02-25 20:21 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Electrum
2017-02-24 15:37 - 2017-02-24 15:37 - 00001080 _____ C:\Users\Slamak\Desktop\Electrum.lnk
2017-02-24 15:37 - 2017-02-24 15:37 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum
2017-02-24 15:37 - 2017-02-24 15:37 - 00000000 ____D C:\Program Files (x86)\Electrum
2017-02-24 15:19 - 2017-02-24 16:16 - 00000074 _____ C:\Users\Slamak\Desktop\Bitcoin.txt
2017-02-24 15:18 - 2017-02-24 15:18 - 00000000 ____D C:\Users\Slamak\Documents\Bitcoin
2017-02-24 15:15 - 2017-02-24 15:16 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\MultiBitHD
2017-02-24 12:53 - 2017-02-24 12:53 - 10262944 _____ C:\Users\Slamak\Downloads\Mangrove Jack's Data Sheets-20170224T115302Z-001.zip
2017-02-23 22:02 - 2017-02-23 22:02 - 00342006 _____ C:\Users\Slamak\Downloads\Kompakt_70l.pdf
2017-02-23 19:59 - 2017-02-23 19:59 - 01816415 _____ C:\Users\Slamak\Downloads\Mangrove Jack's Traditional Series Beer Pouches-20170223T185854Z-001.zip
2017-02-23 19:57 - 2017-02-23 19:58 - 03333638 _____ C:\Users\Slamak\Downloads\Mangrove Jack's Craft Series Yeast-20170223T185729Z-001.zip
2017-02-22 20:46 - 2017-02-22 20:47 - 00100268 _____ C:\Users\Slamak\Desktop\661-1132 Baška Chorvatsko dovolená 2017.htm
2017-02-22 20:46 - 2017-02-22 20:47 - 00000000 ____D C:\Users\Slamak\Desktop\661-1132 Baška Chorvatsko dovolená 2017_soubory
2017-02-22 13:34 - 2017-02-22 13:34 - 07422592 _____ C:\Users\Slamak\Downloads\Katalog_podzim-zima_2016_web.pdf
2017-02-21 18:59 - 2017-02-21 18:59 - 00470854 _____ C:\Users\Slamak\Downloads\171016549.pdf
2017-02-20 22:55 - 2017-02-20 22:55 - 00000444 _____ C:\Users\Slamak\Downloads\csv-ukazka.csv
2017-02-20 16:18 - 2017-02-20 16:39 - 3003922830 _____ C:\Users\Slamak\Downloads\ČETNÍCI-Z-LUHAČOVIC-07.Padělek-FHD-(2017)-CZ-(78PT).avi
2017-02-20 16:14 - 2017-02-20 16:22 - 1063945388 _____ C:\Users\Slamak\Downloads\Bohéma S01E06 - Dvojí tvá_e - TVrip CZserial.avi
2017-02-19 22:04 - 2017-02-19 22:04 - 00045633 _____ C:\Users\Slamak\Downloads\PDFReport.aspx
2017-02-19 18:59 - 2017-02-19 18:59 - 00176219 _____ C:\Users\Slamak\Downloads\plna-moc.pdf
2017-02-19 18:58 - 2017-02-19 18:58 - 00106568 _____ C:\Users\Slamak\Downloads\merkblatt_deutsch.pdf
2017-02-19 18:57 - 2017-02-19 18:57 - 00090301 _____ C:\Users\Slamak\Downloads\StAb-Bau-Fragebg. 2002 - tschech..pdf
2017-02-19 18:56 - 2017-02-19 18:56 - 00018825 _____ C:\Users\Slamak\Downloads\Baustellenübersicht D-CZ.docx(1).pdf
2017-02-19 18:55 - 2017-02-19 18:55 - 00158712 _____ C:\Users\Slamak\Downloads\Fragenbogen CZ.pdf
2017-02-19 18:54 - 2017-02-19 18:55 - 00018825 _____ C:\Users\Slamak\Downloads\Baustellenübersicht D-CZ.docx.pdf
2017-02-19 18:54 - 2017-02-19 18:54 - 00381701 _____ C:\Users\Slamak\Downloads\Ansässigkeitsbescheinigung CZ.pdf
2017-02-18 22:13 - 2017-02-18 22:14 - 67620545 _____ C:\Users\Slamak\Downloads\backup_2017-02-18_22-13.zip
2017-02-18 20:53 - 2017-02-18 20:53 - 00107323 _____ C:\Users\Slamak\Desktop\Pojistka.pdf
2017-02-18 20:51 - 2017-02-18 20:51 - 00102558 _____ C:\Users\Slamak\Downloads\490435551.PDF
2017-02-18 20:15 - 2017-02-18 20:15 - 01377244 _____ C:\Users\Slamak\Downloads\testovaci-ssl-certifikat-thawte.pdf
2017-02-17 07:12 - 2017-02-17 07:12 - 03620092 _____ C:\Users\Slamak\Downloads\UPDATED PRICE LIST VYROBTESIPIVO 08.02.2017.pdf
2017-02-16 16:21 - 2017-02-16 16:32 - 1515676186 _____ C:\Users\Slamak\Downloads\vencep.avi
2017-02-16 16:13 - 2017-02-16 16:30 - 1651857408 _____ C:\Users\Slamak\Downloads\Star Trek Do neznáma.avi
2017-02-14 20:31 - 2017-02-14 21:02 - 1380786652 _____ C:\Users\Slamak\Downloads\Díra u Hanušovic 2014 CZ Film DVDRip.avi
2017-02-14 20:28 - 2017-02-14 20:52 - 1573277696 _____ C:\Users\Slamak\Downloads\Mist_i cz.avi
2017-02-14 20:27 - 2017-02-14 20:54 - 833598328 _____ C:\Users\Slamak\Downloads\Celebrity s.r.o-2016-cz.film-KOMEDIE.avi
2017-02-14 20:25 - 2017-02-14 20:45 - 1156334218 _____ C:\Users\Slamak\Downloads\Brainstorm (2008) _esko Komedie Drama Psychologický.avi
2017-02-14 10:24 - 2017-02-14 10:31 - 1067954768 _____ C:\Users\Slamak\Downloads\Bohema-5.dil-6-Vyhrat-za-kazdou-cenu---12.2.2017.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-16 19:00 - 2014-01-12 13:41 - 00000000 ____D C:\Users\Slamak\Documents\Profit zálohy
2017-03-16 18:17 - 2016-11-18 17:41 - 00000000 ____D C:\Users\Slamak\AppData\LocalLow\Mozilla
2017-03-16 18:15 - 2014-09-21 13:05 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\eM Client
2017-03-16 18:08 - 2015-07-30 12:28 - 00000000 ____D C:\Program Files (x86)\PROFIT
2017-03-16 13:45 - 2016-09-21 03:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-16 07:06 - 2014-02-11 20:05 - 00000000 ____D C:\Users\Slamak\Documents\zalohy PROFIT
2017-03-16 06:43 - 2013-12-29 08:50 - 00000000 ____D C:\Users\Slamak\Documents\exporty profit
2017-03-15 09:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-14 21:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-14 21:27 - 2016-11-21 15:12 - 00014823 _____ C:\Users\Slamak\Desktop\tisk Andrea.odt
2017-03-14 19:24 - 2016-09-21 04:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-14 19:23 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-14 19:22 - 2014-09-29 08:31 - 00000000 ____D C:\Users\Slamak\AppData\LocalLow\Temp
2017-03-11 20:22 - 2016-09-21 04:05 - 00000000 ____D C:\Users\Slamak
2017-03-10 21:29 - 2014-01-29 23:09 - 00000000 ___SD C:\Users\Slamak\Documents\My Web Sites
2017-03-10 21:12 - 2016-10-02 10:02 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-10 13:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-09 14:30 - 2016-09-21 04:34 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-03-09 14:30 - 2016-09-21 04:34 - 00002932 _____ C:\WINDOWS\System32\Tasks\Program k provádění aktualizací online Adobe
2017-03-09 14:26 - 2013-10-12 21:31 - 00000000 ____D C:\Users\Slamak\AppData\Local\CrashDumps
2017-03-09 13:12 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-09 12:40 - 2013-10-05 13:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-09 12:29 - 2014-10-18 16:12 - 00000000 ____D C:\Users\Slamak\Documents\eM Client
2017-03-09 12:20 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-09 06:45 - 2016-05-29 21:30 - 00071809 _____ C:\Users\Slamak\Desktop\Pivni_vypocty2.ods
2017-03-09 01:17 - 2015-06-01 21:01 - 13182528 _____ (Intel Corporation) C:\WINDOWS\system32\igd10umd64.dll
2017-03-09 01:17 - 2015-06-01 21:01 - 11460448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 09025672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 05382856 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2017-03-09 01:16 - 2015-06-01 21:00 - 00463960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2017-03-09 01:16 - 2015-06-01 21:00 - 00456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2017-03-09 01:16 - 2015-06-01 21:00 - 00420960 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2017-03-09 01:16 - 2015-06-01 21:00 - 00193112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2017-03-09 01:16 - 2015-06-01 21:00 - 00128648 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 00112264 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 00082056 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.dll
2017-03-08 20:52 - 2013-10-05 14:12 - 00000000 ____D C:\Users\Slamak\Documents\Dokumenty Eshop
2017-03-08 13:50 - 2014-09-24 20:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-07 19:42 - 2014-11-16 21:45 - 00000000 ____D C:\Program Files\trend micro
2017-03-07 12:16 - 2014-06-27 19:35 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Oracle
2017-03-06 18:02 - 2013-10-05 14:32 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\FileZilla
2017-03-06 18:01 - 2013-10-05 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-03-06 18:01 - 2013-10-05 14:32 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2017-03-06 12:15 - 2014-12-20 21:12 - 00000000 ___RD C:\Users\Slamak\Documents\Scanned Documents
2017-03-04 13:15 - 2015-02-25 18:13 - 00000000 ____D C:\ProgramData\AlawarWrapper
2017-03-04 10:20 - 2014-09-12 20:51 - 00000000 ____D C:\FOTOONLINE
2017-03-03 21:47 - 2014-12-26 06:16 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-03 20:25 - 2014-12-13 12:24 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-03 20:14 - 2016-01-08 08:18 - 00004608 _____ C:\6XSourceFilter.grf
2017-03-03 13:58 - 2017-01-26 19:40 - 00028200 _____ C:\Users\Slamak\Desktop\Nákupy.ods
2017-03-02 23:39 - 2016-09-21 04:34 - 00003188 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-02 23:35 - 2013-10-22 19:50 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Skype
2017-03-02 23:35 - 2013-10-05 17:54 - 00000000 ____D C:\Users\Slamak\AppData\Local\Microsoft Help
2017-03-02 23:35 - 2012-11-22 13:05 - 00000000 ____D C:\ProgramData\Temp
2017-03-02 23:34 - 2016-09-21 04:55 - 00000000 ___DC C:\WINDOWS\Panther
2017-03-02 23:34 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-03-02 22:50 - 2014-05-17 16:17 - 00000000 ____D C:\Users\Slamak\AppData\Local\AVG
2017-03-02 22:47 - 2013-12-27 07:47 - 00000000 ____D C:\ProgramData\AVG
2017-03-02 20:21 - 2016-06-15 17:24 - 00000000 ____D C:\temp
2017-03-02 20:19 - 2016-09-21 04:34 - 00004012 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1453580228
2017-03-02 20:19 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-02 20:19 - 2016-01-23 21:17 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-02 20:00 - 2015-09-24 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-03-02 20:00 - 2015-09-24 18:49 - 00000000 ____D C:\Program Files (x86)\7-Zip
2017-03-02 19:44 - 2014-12-26 06:19 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-02 19:43 - 2016-02-24 08:26 - 00461640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-03-02 19:43 - 2015-03-08 12:36 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-02 19:43 - 2014-12-26 06:19 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-01 10:57 - 2013-10-05 13:37 - 00001228 _____ C:\Users\Slamak\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2017-03-01 00:02 - 2013-10-05 22:37 - 00000000 ____D C:\Users\Slamak\Documents\ESHOP
2017-02-28 07:08 - 2014-08-25 07:57 - 00000000 ____D C:\Users\Slamak\AppData\Local\Adobe
2017-02-28 07:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-28 07:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-27 07:43 - 2016-11-03 14:47 - 00000287 _____ C:\Users\Slamak\Desktop\Nový textový dokument (2).txt
2017-02-27 06:48 - 2012-11-22 13:04 - 00000000 ____D C:\Program Files (x86)\NTI
2017-02-27 06:48 - 2012-11-22 13:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-27 06:43 - 2014-12-24 19:39 - 00000000 ____D C:\Garmin
2017-02-27 06:42 - 2013-10-22 19:50 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 06:40 - 2014-05-29 14:00 - 00000000 ____D C:\ProgramData\Nero
2017-02-27 06:35 - 2017-01-30 22:06 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Foxit Software
2017-02-27 06:35 - 2014-12-29 10:17 - 00000000 ___RD C:\Users\Slamak\OneDrive
2017-02-27 06:34 - 2017-01-30 22:06 - 00000000 ____D C:\ProgramData\Foxit Software
2017-02-24 15:17 - 2017-01-02 19:21 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Bitcoin
2017-02-24 14:36 - 2015-07-30 12:28 - 00001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PROFIT.lnk
2017-02-24 14:36 - 2015-07-30 12:28 - 00001052 _____ C:\Users\Public\Desktop\PROFIT.lnk
2017-02-24 14:36 - 2015-07-30 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LPsoft PROFIT
2017-02-24 07:24 - 2013-11-02 18:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 07:19 - 2013-11-02 18:58 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 18:38 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 13:41 - 2016-04-13 18:39 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2014-03-05 20:33 - 2014-05-21 19:10 - 0000056 _____ () C:\Users\Slamak\AppData\Local\Images.fl
2014-01-11 19:50 - 2016-09-11 18:29 - 0007602 _____ () C:\Users\Slamak\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

Light Image Resizer 4.0.4.3 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.3 - ObviousIdea)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Slamak\Desktop" je 32 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

[slamax]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Slamak (16-03-2017 19:12:52)
Running from C:\Users\Slamak\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-21 03:53:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3621977129-2832859686-462106091-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3621977129-2832859686-462106091-503 - Limited - Disabled)
Guest (S-1-5-21-3621977129-2832859686-462106091-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3621977129-2832859686-462106091-1003 - Limited - Enabled)
Slamak (S-1-5-21-3621977129-2832859686-462106091-1001 - Administrator - Enabled) => C:\Users\Slamak

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM-x32\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
AC-3 ACM Codec 2.2 (HKLM-x32\...\AC3ACM) (Version: 2.2 - fccHandler)
AC-3 ACM Codec x64 2.2 (HKLM\...\AC3ACM) (Version: 2.2 - fccHandler)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3015 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Akrem studio (HKLM-x32\...\Akrem studio_Akrem studio) (Version: - )
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.4 - Arduino LLC)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.74.1 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
BlazeHDTV 6.0 (HKLM-x32\...\BlazeHDTV 6.0_is1) (Version: - )
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.96 - Broadcom Corporation)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
Brother MFL-Pro Suite DCP-7055W (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3112 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}) (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - CZ (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.1 - Corel Corporation) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
CzechRep_by_Dave_Luv (HKLM-x32\...\CzechRep_by_Dave_Luv) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Electrum (HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Electrum) (Version: 2.7.18 - Electrum Technologies GmbH)
eM Client (HKLM-x32\...\{2A4CAF55-4B18-4B61-BE9E-94A54209F547}) (Version: 7.0.27943.0 - eM Client Inc.)
FileZilla Client 3.24.1 (HKLM-x32\...\FileZilla Client) (Version: 3.24.1 - Tim Kosse)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FOTOKNIHY ONLINE (HKLM-x32\...\FOTOKNIHY ONLINE_FOTOKNIHY ONLINE) (Version: - )
Freemake Video Converter verze 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.12.5268 - Gretech Corporation)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
K-Lite Mega Codec Pack 11.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.5 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Light Image Resizer 4.0.4.3 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.3 - ObviousIdea)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8102 - Acer Incorporated)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 cs)) (Version: 52.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.0.6270 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8309 - MyHeritage.com)
Noční můra z hlubin: Volání Sirény (HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Noční můra z hlubin: Volání Sirény) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
NVIDIA PhysX v8.05.26 (HKLM-x32\...\{11AE6807-50D2-4F59-82B3-2C3E695E94C2}) (Version: 8.05.26 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3202 - Acer)
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
PlayDance verze 1.0.980 (HKLM-x32\...\{EC8642E4-7CE3-4379-9114-6E34DEF98D58}_is1) (Version: 1.0.980 - VISO SPORT s.r.o.)
PROFIT 2017.02 (HKLM-x32\...\{670A9A20-E29D-40C3-9937-2AFF89C3AC82}_is1) (Version: - LPsoft)
ProgDVB (HKLM-x32\...\ProgDVB) (Version: 7.x - Prog)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.561 (x32 Version: 3.55.2393.561 - Avast Software) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version: - )
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.12 - StepMania)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC Codec Pack 2.0.5 (HKLM-x32\...\VLC - Codec Pack) (Version: 2.0.5 - VLC Codec Pack)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07A00522-35A8-4318-B4F9-58BCA82B4C36} - System32\Tasks\{181CE5D4-D103-47A7-9F24-61B5D5C555D7} => pcalua.exe -a C:\Users\Slamak\Downloads\DDRinstall.exe -d C:\Users\Slamak\Downloads
Task: {1350A46E-6849-45AB-89F5-E8828B4AF74A} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {17660AAA-27C1-41C3-BAC5-ECE9E2DAFC4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2295B629-0AA4-49AC-AC9A-EB6EF400D834} - System32\Tasks\SafeZone scheduled Autoupdate 1453580228 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-02-15] (Avast Software)
Task: {2B7492F1-AF9E-41CE-B94C-BC7B98EAEAEB} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2016-07-06] ()
Task: {30CEB371-1E08-4188-8984-BCBF880E86C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-28] (Adobe Systems Incorporated)
Task: {32FD5AA6-2DB8-4649-80F0-3D4AC5D8902A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {39A9F29C-FF8C-4356-AE0E-F09700CA4A9C} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {3A94C1D7-491B-4481-8490-783C66B364D0} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2016-07-06] ()
Task: {40A9C6E6-7422-4660-9971-5FC1201A25FC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-02] (AVAST Software)
Task: {585EC883-F50D-4365-8BB2-421EA561C8F9} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {61BD3CD7-ABE6-444C-AAA2-C5A66B123018} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2016-10-21] ()
Task: {6C6256BD-8C35-4E21-B9EC-1B8157A45CCC} - System32\Tasks\{EDB6CCAF-7385-4F0D-81BB-3907F76463EA} => pcalua.exe -a "C:\Program Files (x86)\WildGames\Uninstall.exe"
Task: {7510DD46-9F1F-47BC-AC21-68BF7D20F90F} - System32\Tasks\{46AC75F9-7279-44FE-B6C8-0D1DB47FE976} => pcalua.exe -a C:\Users\Slamak\Downloads\AZ_AlbumMaker_setup(1).exe -d C:\Users\Slamak\Downloads
Task: {880E63BE-025F-4980-99B1-BE34455CFCF1} - System32\Tasks\{1A614DCE-B283-40EF-8D8F-3F54D8AD6629} => pcalua.exe -a "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" -c scenario=install baseurl="C:\Program Files\Microsoft Office 15" platform=x86 version=15.0.4719.1002 culture=cs-cz productstoremove=O365HomePremRetail_cs-cz_x-none
Task: {C836D59B-3725-4582-A701-1D3602BD53BD} - System32\Tasks\avastBCLRestartS-1-5-21-3621977129-2832859686-462106091-1001 => Firefox.exe
Task: {E2645371-307B-4252-8393-D1F4C609C258} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {E79DD6A7-60B0-4E62-BBCB-2D65C360B4B9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-24] (Microsoft Corporation)
Task: {F477C497-7AE6-4D99-ABC8-1ED9726E8AF6} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Slamak\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
Shortcut: C:\Users\Slamak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania\Go To StepMania web site.lnk -> hxxp://www.stepmania.com

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 07:36 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-14 07:36 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 07:36 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-03-28 19:07 - 2016-03-28 19:07 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-21 22:03 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 20:43 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 20:43 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 20:43 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 20:43 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 20:43 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 20:43 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 21:00 - 2017-03-09 01:16 - 00112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2013-02-08 21:09 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00427008 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Mail\01672ae7c7afb9bd6c248780924ab646\MailClient.Mail.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00884736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HTMLEditorControl\14042f7cacb7349f4177945047b9d325\HTMLEditorControl.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00250368 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1d52ed9e#\4752696212f458517254b48565824574\MailClient.Collections.ni.dll
2016-09-25 18:29 - 2016-09-25 18:29 - 00552960 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\LinqBridge\be7f4a9f2c42f4114e467843b6edacc2\LinqBridge.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 02072576 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Accounts\0ef2c7406dfad904ff5b15434ca778c1\MailClient.Accounts.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00445952 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Storage\a6c4da91296c1b2722242ba4bf900879\MailClient.Storage.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 02297856 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Common.UI\4eb7635be70c13df4c90d117cd472e7a\MailClient.Common.UI.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00020480 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Interop\37fddd51705d8ba64729fd21a24f53e8\MailClient.Interop.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 03458048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Protocols\e1f4ab2cbaa22fa905dc181e9a02f80b\MailClient.Protocols.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 02324992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Xilium.CefGlue\2cb3d507c7b81167657634ad1b3e94f3\Xilium.CefGlue.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00095232 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WinApi\1087b36941fb59d72516a5da4161926c\WinApi.ni.dll
2016-09-21 15:40 - 2016-09-21 15:40 - 55719424 _____ () C:\Program Files (x86)\eM Client\libcef.DLL
2016-09-21 15:39 - 2016-09-21 15:39 - 00871936 _____ () C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00075264 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Threading\2c48367896661f8a05b59f0c391a2b88\MailClient.Threading.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00088576 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Streams\2fb5ac0a0311a3b23ae464f787bd4f4c\MailClient.Streams.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00579584 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1fd7a4e5#\5e914ec4f789317eba301304e8c200c2\MailClient.Storage.Mail.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00101376 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.b2c914c9#\44565897bd391d05e1d685891afe8d17\MailClient.Storage.Folders.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00046592 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Commands\22fef55274139b1ffd65c0befd05ae40\MailClient.Commands.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00048640 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.5331ec95#\9554a055f06b61be8e8a33feb56881ca\MailClient.Storage.Attachment.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00260608 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.6df617c9#\0958828a4d56ad43f774cb0157bc6f1a\MailClient.Storage.Schedule.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00231936 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.f2c61d2c#\5ac5347a5ad381b7788f730dcf211591\MailClient.Storage.Contact.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00074240 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.9a79bc48#\8bf96278e5de3c98e6067a3161e39f09\MailClient.Storage.IM.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00577024 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Schedule\fab297db3fd7a78e51ab91ec13b6ed39\MailClient.Schedule.ni.dll
2016-09-25 18:30 - 2016-09-25 18:30 - 00082944 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\1e373d482a3d65870cd646f07486ff6f\SystemCoreTimeZone.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00031744 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.4824fbfc#\70e92322dd4a49a9f098b1dd46edf810\MailClient.Storage.Category.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00087552 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.d8481e79#\8858d391b653ff8ddacdf458cd9ef3d5\MailClient.Storage.Certificate.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00031232 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.c1d859fa#\fc1dc6d64b98a30cb489beddb109ad14\MailClient.Storage.Security.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00027136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.c3eb0b89#\941b94f000f443220b0a8c844a44a8ca\MailClient.Storage.Snippet.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00035840 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.319ca19c#\3411f9e5358aa60dc40ad8c9d328271c\MailClient.Storage.Template.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00023040 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.IM\63f202338b1bdd297c19232f0c37de23\MailClient.IM.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00030208 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1fe73d22#\4caf6c30886e599ffdfe0f3d25aa5de3\MailClient.Storage.Rule.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00020992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.ff7bbfa2#\b78f7303721488d4e0acfc18ba25dab0\MailClient.Attachment.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00412160 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Contact\87f1d1d8ff3f0cc4bffc7f79f4fc5a0f\MailClient.Contact.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00075264 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Xilium.CefG0f485e28#\4c910c9b6edbf2edf4e70a40a90477fa\Xilium.CefGlue.WindowsForms.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00027136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.a758b3a0#\75dbf0e62cbb0d61224f1efa288707bb\MailClient.Storage.Widget.ni.dll
2016-09-25 18:30 - 2016-09-25 18:30 - 01567744 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\d7e36651ac19471a87dbdf681093ecad\WindowsAPICodePack.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00095744 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Sasl\57c43e06e4105185d97de1fa4f13d703\MailClient.Sasl.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00253440 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Imap.Base\6226d0ab9b6873fb964742ae9fa2f66c\MailClient.Imap.Base.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00041472 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.2d2de33e#\a6e2c2ce679ca60df8e30e94c2819150\MailClient.HtmlConversion.ni.dll
2017-03-02 19:44 - 2017-03-02 19:44 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-03 13:08 - 2016-07-03 13:08 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-02 19:43 - 2017-03-02 19:43 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-02 19:44 - 2017-03-02 19:44 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-02 22:45 - 2017-03-02 22:44 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2017-03-09 19:25 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Slamak\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "Acer Backup Manager Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "RadioController"
HKLM\...\StartupApproved\Run32: => "NtVdmSrv"
HKLM\...\StartupApproved\Run32: => "LManager"
HKLM\...\StartupApproved\Run32: => "Monitor"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "Family Tree Builder Update"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "ProgLauncher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DA525EAC-6852-482F-AA63-74E18CFA687B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{983CF36B-CB3D-4385-971B-FD79973B6783}] => (Allow) LPort=1900
FirewallRules: [{C20889E0-6A14-404A-BE8A-6309D99072A4}] => (Allow) LPort=2869
FirewallRules: [{9431EEC7-ED77-47CF-A15D-FF8F6E28B0B1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{1EF1063B-344D-4257-81B2-F94ECA4C15BB}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{54DC1741-7570-4420-B713-C0B174C039A9}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{3BCF9347-E346-46E0-B33F-A4BC67D2A2EF}] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{064AD829-5C27-47EF-AE3D-2FC9FA0C2312}] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{7B39F568-61F0-4193-875D-D29EFB358C9F}] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [{13F9C526-59E9-4DE2-BA2C-2320D4C8DBD7}] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{99F5D564-1C52-4ED1-90FF-F546A28BC91E}E:\xampp\apache\bin\httpd.exe] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{4CD18BA7-7FEA-4FC5-9849-F5C422EECF5C}E:\xampp\apache\bin\httpd.exe] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{209C1F0F-6329-458A-B4A6-7DD85D1F1A77}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{A9789E06-29D9-4BCA-AC6E-1484948C3FFD}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{76C5B11D-E3B1-4EA6-9084-3A45E83D0B0E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{54138E86-28AE-4ED8-8835-64438D0A2B9D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{7C0852DB-1D41-4918-AFCA-448A793918F7}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{E2CD2A1C-03FB-455B-9231-AC5C53314E76}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{9842AC32-6485-453D-8FFC-A38E68AE5A84}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{49D6C8F0-2D7A-42CB-86BB-547F812FEF5C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{E8C9F16C-DD0C-45EC-B7CE-D1FA42A123A6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{B98B703E-E1A4-4826-A256-1E06246CFF86}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{4438A42E-CA01-487A-A81F-96AD350C6535}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{A85D8387-645E-44E9-94E1-34AA456EB606}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{BFCFDD45-68EB-4105-8726-73306E3B622A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{33049DF9-DBBD-4769-9505-68649786D112}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{1DCA56D4-AD07-48B8-8297-ABD1F86884C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{DDC7E40F-1333-444F-B1B6-E83D9E46BDD7}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{0765CE9F-2F1D-46EF-BA2D-8035F6F32525}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{787E5484-3AEB-4774-A241-823C0F3D7FC3}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{BE1DCC74-2862-4763-B8E4-73A2264E94C1}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{5CEF367C-579E-4CA3-8269-AA0A5F195804}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{93A5B1E3-0F5F-41E7-AEED-71D9A29FE05E}] => (Allow) LPort=54925
FirewallRules: [{ED95B026-8EE2-48BA-A20C-78F41E095F3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B889CF8-37E5-4CC8-A046-2198B81E3151}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3F197BA-31E7-477E-9BB3-4180D5FEAA98}] => (Allow) C:\Program Files (x86)\Hry.cz\Nightmares from the Deep The Sirens Call\Nocnimurazhlubin_VolaniSireny.exe
FirewallRules: [TCP Query User{82F58A0E-8AC8-483F-85FE-1DD266BB7CF0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{328DF6A7-3A5F-49FD-9071-2666B4016B18}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B1029764-1F37-4419-9554-D6C613B735F8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EA82611E-15D4-4328-8C80-B987426B92D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63BEB568-CDE7-4A80-98B3-911641C9829E}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{30CB0268-27E1-4B48-B980-938917BA621B}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{FE085ABC-22CA-4390-8736-2CA26E883E36}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{952311B2-4BB1-4F48-912D-75986740EF7F}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{6853868E-3294-4265-B6FC-0B31B1EEAF5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F6F4E9A0-1709-4F31-9BD2-A1E011E8D7EE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2017 07:14:27 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
] došlo k chybě.


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
Dotaz na stínové kopie

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Kontext snímku: 13
Kontext snímku: 13
Kontext spuštění: Coordinator

Error: (03/16/2017 07:14:27 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} a názvem SW_PROV nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
Dotaz na stínové kopie

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Kontext snímku: 13
Kontext snímku: 13
Kontext spuštění: Coordinator

Error: (03/15/2017 08:38:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: SlamakAcer)
Description: Balíček Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (03/14/2017 07:22:03 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Users\Slamak\Desktop\FRST64.exe; Popis = Restore Point Created by FRST; Chyba = 0x8004230f).

Error: (03/14/2017 07:21:58 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
] došlo k chybě.


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zkontrolovat, zda poskytovatel podporuje svazek
Přidat svazek k sadě stínových kopií

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {00000000-0000-0000-0000-000000000000}
Kontext snímku: 4194317
Kontext spuštění: Coordinator
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
Název svazku: \\?\Volume{1e8a02e0-dd41-4ffc-806f-931e1bf7dbfa}\
Kontext spuštění: Coordinator

Error: (03/14/2017 07:21:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} a názvem SW_PROV nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zkontrolovat, zda poskytovatel podporuje svazek
Přidat svazek k sadě stínových kopií

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {00000000-0000-0000-0000-000000000000}
Kontext snímku: 4194317
Kontext spuštění: Coordinator
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
Název svazku: \\?\Volume{1e8a02e0-dd41-4ffc-806f-931e1bf7dbfa}\
Kontext spuštění: Coordinator

Error: (03/14/2017 07:21:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (03/14/2017 07:21:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny GetProviderMgmtInterface došlo k neočekávané chybě. hr= 0x8004230f, Při pokusu o zpracování určené operace došlo k neočekávané chybě zprostředkovatele stínové kopie.
.

Error: (03/14/2017 07:21:49 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
] došlo k chybě.


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Získávání rozhraní správy zprostředkovatele

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {00000000-0000-0000-0000-000000000000}
Kontext snímku: -1
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (03/14/2017 07:21:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} a názvem SW_PROV nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Získávání rozhraní správy zprostředkovatele

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {00000000-0000-0000-0000-000000000000}
Kontext snímku: -1
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}


System errors:
=============
Error: (03/16/2017 06:07:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2017 05:01:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2017 03:33:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2017 01:57:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2017 07:07:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/15/2017 10:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/15/2017 09:40:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/15/2017 09:10:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/15/2017 07:58:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/15/2017 07:52:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 50%
Total physical RAM: 3909.28 MB
Available physical RAM: 1920.57 MB
Total Virtual: 4613.28 MB
Available Virtual: 2428.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:911.75 GB) (Free:362.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4B1BB8FD)

Partition: GPT.

==================== End of Addition.txt ============================

[Kodlz]

opet vytvor TXT soubor, ktery pojmenujes fixlist.txt a do nej vloz nasledujici text:

start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:

CHR StartupUrls: Default -> "hxxp://websearch.just-browse.info/"
end

[slamax]

Žádná změna



Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Slamak (18-03-2017 12:28:54) Run:3
Running from C:\Users\Slamak\Desktop
Loaded Profiles: Slamak (Available Profiles: Slamak)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:

CHR StartupUrls: Default -> "hxxp://websearch.just-browse.info/"
end



*****************

Error: (0) Failed to create a restore point.
Processes closed successfully.
Chrome StartupUrls => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 51897800 B
Java, Flash, Steam htmlcache => 2906 B
Windows/system/drivers => 321798 B
Edge => 0 B
Chrome => 0 B
Firefox => 340794913 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 6530 B
NetworkService => 0 B
Slamak => 35503977 B

RecycleBin => 379534793 B
EmptyTemp: => 770.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:31:55 ====