VIRY.CZ

Zdravím,
Poslední dobou mám pocit, že mám PC nějak zpomalené. Celkově se nějak dlouho spouští a i spuštění aplikací je takové lenivější.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Dadejs at 2018-10-02 18:24:55
Microsoft Windows 10 Home
System drive C: has 95 GB (21%) free of 451 GB
Total RAM: 4078 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:24:58, on 2.10.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0371)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
C:\Windows\jmesoft\hotkey.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files\trend micro\Dadejs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
O4 - HKLM\..\Run: [jmekey] C:\windows\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
O4 - HKLM\..\Run: [Lenovo Eye Distance System] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe 1
O4 - HKLM\..\Run: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe 1
O4 - HKLM\..\Run: [4-Day Forecast] "C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe" /Startup
O4 - HKLM\..\Run: [Raptr] C:\Program Files (x86)\Raptr\RAPTRS~1.EXE --startup
O4 - HKLM\..\Run: [SilentCleanService] C:\Program Files (x86)\iMobie\PhoneClean\SilentCleanServer.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Syncios device service] C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dadejs\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\Dadejs\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [MusicManager] "C:\Users\Dadejs\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Dadejs\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam2\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Avast Cleanup Premium.lnk = C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Avast Cleanup Premium (CleanupPSvc) - AVAST Software - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\WINDOWS\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: JME Keyboard Driver (JME Keyboard) - Unknown owner - C:\Windows\jmesoft\Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Samsung Electronics Co.,Ltd - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 17080 bytes

======Listing Processes======









c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
winlogon.exe
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\atiesrxx.exe
atieclxx
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
c:\windows\system32\svchost.exe -k networkservice -s TermService
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\syswow64\svchost.exe -k hpdevmgmt -s hpqddsvc
C:\WINDOWS\system32\IProsetMonitor.exe
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Windows\jmesoft\Service.exe
C:\windows\System32\svchost.exe -k HPZ12
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe"

C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files\Samsung\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4

c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
dashost.exe {61e4bd34-6658-4fb5-a53f76d61949e64d}
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localservice -p -s fdPHost
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc

c:\windows\system32\svchost.exe -k hpservice -s HPSLPSVC
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files\SAMSUNG\Samsung Link\Samsung Link Tray Agent.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
KHALMNPR.EXE /API
AvastUI.exe /nogui
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe" /nogui
"C:\Windows\jmesoft\hotkey.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
"C:\Windows\jmesoft\JME_LOAD.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding

c:\windows\syswow64\svchost.exe -k hpdevmgmt -s hpqcxs08
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
C:\WINDOWS\system32\AUDIODG.EXE 0x4a4
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Dadejs\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Avast Driver Updater Startup.job - C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe -boot

=========Mozilla firefox=========

ProfilePath - C:\Users\Dadejs\AppData\Roaming\Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316

prefs.js - "browser.startup.homepage" - "https://www.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 31.0.0.108 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.181.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.181.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 31.0.0.108 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFFICE.DLL

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-15 204880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-09-15 152104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-25 480120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-25 194424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-10-26 11543656]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-10-07 1744152]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2016-03-09 615144]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-08-30 242392]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2018-08-23 301880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Dadejs\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-07-15 1630368]
"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
"Google Update"=C:\Users\Dadejs\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [2017-11-17 601680]
"MusicManager"=C:\Users\Dadejs\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [2018-01-30 5968896]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-06-26 67384]
"cz.seznam.software.szndesktop"=C:\Users\Dadejs\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-02-16 5263040]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2018-06-26 110392]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"Steam"=C:\Program Files (x86)\Steam2\steam.exe [2018-09-08 3207968]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-09-19 18594760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2018-06-26 67896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2018-08-22 68920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2018-09-19 18594760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-06-26 67384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-10-06 27832264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\WINDOWS\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\Program Files (x86)\HP\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dadejs^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk]
C:\Program Files (x86)\Evernote\Evernote\EVERNO~2.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"jmekey"=C:\windows\jmesoft\hotkey.exe [2011-03-21 118784]
"jmesoft"=C:\Windows\jmesoft\ServiceLoader.exe [2011-03-16 28672]
"Lenovo Eye Distance System"=C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [2010-09-09 265216]
"Lenovo Dynamic Brightness System"=C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [2010-10-08 285696]
"4-Day Forecast"=C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe [2008-11-10 1060864]
"Raptr"=C:\Program Files (x86)\Raptr\RAPTRS~1.EXE [2015-10-01 56080]
"SilentCleanService"=C:\Program Files (x86)\iMobie\PhoneClean\SilentCleanServer.exe [2018-01-04 488936]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-11-04 767176]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"Syncios device service"=C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [2018-02-27 2174072]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-07-07 601424]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Avast Cleanup Premium.lnk - C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-09-27 68376]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"vidc.XVID"=xvidvfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-09-30 11:00:06 ----A---- C:\WINDOWS\system32\drivers\SWDUMon.sys
2018-09-30 10:59:53 ----D---- C:\Program Files (x86)\Avast Driver Updater
2018-09-26 17:19:23 ----D---- C:\Program Files (x86)\EA Sports
2018-09-21 22:11:51 ----D---- C:\Program Files\iPod
2018-09-21 22:08:16 ----D---- C:\Program Files\iTunes
2018-09-11 19:09:53 ----D---- C:\WINDOWS\LastGood.Tmp
2018-09-07 22:55:45 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

======List of files/folders modified in the last 1 month======

2018-10-02 18:24:57 ----D---- C:\Program Files\trend micro
2018-10-02 18:24:01 ----D---- C:\WINDOWS\Temp
2018-10-02 18:23:10 ----D---- C:\WINDOWS\Prefetch
2018-10-02 18:22:36 ----D---- C:\Windows
2018-10-02 18:12:21 ----D---- C:\WINDOWS\INF
2018-10-02 18:12:19 ----D---- C:\WINDOWS\SoftwareDistribution
2018-10-02 18:12:19 ----D---- C:\WINDOWS\Logs
2018-10-02 18:10:10 ----AD---- C:\Program Files\CCleaner
2018-10-02 18:09:44 ----D---- C:\WINDOWS\system32\Tasks
2018-10-02 18:08:44 ----D---- C:\WINDOWS\system32\SleepStudy
2018-10-02 17:54:51 ----SHDC---- C:\WINDOWS\Installer
2018-10-02 17:53:43 ----D---- C:\WINDOWS\DeliveryOptimization
2018-10-02 17:45:39 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2018-10-02 17:41:28 ----D---- C:\WINDOWS\system32\drivers
2018-10-02 17:41:18 ----D---- C:\WINDOWS\system32\sru
2018-10-02 17:41:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-02 17:41:08 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-10-01 21:51:59 ----SHD---- C:\System Volume Information
2018-10-01 21:48:37 ----D---- C:\WINDOWS\system32\drivers\wd
2018-09-30 11:00:21 ----D---- C:\WINDOWS\Tasks
2018-09-30 10:59:54 ----D---- C:\Config.Msi
2018-09-30 10:59:53 ----D---- C:\Program Files (x86)
2018-09-26 17:57:56 ----D---- C:\Program Files (x86)\Steam2
2018-09-26 17:23:06 ----D---- C:\WINDOWS\SysWOW64
2018-09-26 17:19:38 ----D---- C:\WINDOWS\system32\config
2018-09-21 22:11:51 ----RD---- C:\Program Files
2018-09-21 19:59:39 ----D---- C:\Users\Dadejs\AppData\Roaming\Media Player Classic
2018-09-21 19:59:39 ----D---- C:\Users\Dadejs\AppData\Roaming\DAEMON Tools Lite
2018-09-21 19:58:41 ----D---- C:\WINDOWS\Minidump
2018-09-15 20:16:49 ----D---- C:\WINDOWS\System32
2018-09-15 20:16:49 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-09-15 20:13:54 ----RD---- C:\WINDOWS\Microsoft.NET
2018-09-15 20:13:31 ----D---- C:\Program Files (x86)\Common Files
2018-09-15 20:10:41 ----AD---- C:\Program Files (x86)\Microsoft Office
2018-09-12 22:17:45 ----D---- C:\WINDOWS\system32\Macromed
2018-09-12 22:17:42 ----D---- C:\WINDOWS\SYSWOW64\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-08-30 201320]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-08-30 346664]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-08-30 59568]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2018-06-25 15360]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-08-30 87904]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-08-30 381560]
R0 fbfmon;fbfmon; C:\WINDOWS\system32\drivers\fbfmon.sys [2011-08-26 57952]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-08-30 199712]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-08-30 229384]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-08-30 249016]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-08-30 111864]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-08-30 1027720]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-08-30 467232]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-03-30 59808]
R1 BPntDrv;BPntDrv; C:\WINDOWS\system32\drivers\BPntDrv.sys [2011-08-26 13408]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-03-30 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2017-04-23 27552]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-08-30 163272]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-08-30 214800]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-12-16 21648880]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-12-16 674288]
R3 AtiHDAudioService;@oem56.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2017-04-23 110096]
R3 dtlitescsibus;@oem9.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2018-02-25 30264]
R3 dtliteusbbus;@oem16.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2018-02-25 47672]
R3 e1cexpress;@oem10.inf,%e1cExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [2017-06-02 472016]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2010-10-26 2530152]
R3 LHidFilt;@oem17.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840]
R3 LMouFilt;@oem17.inf,%LMouFilt.SvcDesc%;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2018-10-02 259360]
R3 MEIx64;@oem30.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2018-03-30 176128]
R3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw64e.sys [2016-09-03 50640]
S0 amdkmafd;@oem34.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-06-03 31992]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S1 hsemclvc;hsemclvc; \??\C:\WINDOWS\system32\drivers\hsemclvc.sys []
S1 MpKslb397354c;MpKslb397354c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AFFE26B0-0FC1-486A-A0AB-24B73D09A774}\MpKslb397354c.sys []
S1 odtkleju;odtkleju; \??\C:\WINDOWS\system32\drivers\odtkleju.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-08-30 46968]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 dg_ssudbus;@oem62.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2018-07-28 131984]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\windows\SysWOW64\FsUsbExDisk.SYS [2013-05-22 37344]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-05-12 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-03-30 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2010-07-20 247400]
S3 RTSUER;@oem61.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2018-04-15 424384]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2016-10-18 21984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-12-16 255472]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-08-23 83768]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-08-30 322464]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_5425e;Uživatelská služba platformy připojených zařízení_5425e; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CleanupPSvc;Avast Cleanup Premium; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [2018-03-11 7649576]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-09-08 9658664]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-06-17 242216]
R2 FoxitReaderService;Foxit Reader Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2018-04-17 1659456]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\syswow64\svchost.exe [2017-09-29 44520]
R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2017-09-29 48688]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [2017-02-27 505856]
R2 JME Keyboard;JME Keyboard Driver; C:\Windows\jmesoft\Service.exe [2011-03-16 32768]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2017-09-30 26112]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2017-09-29 48688]
R2 OneSyncSvc_5425e;Hostitel synchronizace_5425e; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2017-09-29 48688]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2016-03-09 623848]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-03-01 519152]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-08-30 7994520]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-02-16 3480768]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\syswow64\svchost.exe [2017-09-29 44520]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_5425e;Data kontaktů_5425e; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06 164984]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-09-29 136312]
S2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-09-29 136312]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-09-29 136312]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-12 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-09-29 52856]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-06 164984]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2018-08-30 57504]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_5425e;Tok zařízení_5425e; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-05-03 86016]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-12-16 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2018-08-23 659768]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-09-27 359192]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2017-06-09 271128]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_5425e;Služba zasílání zpráv_5425e; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-09-25 196048]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-08-27 215320]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_5425e;PrintWorkflow_5425e; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------


Díky moc za kontrolu.

Ahoj

Ak nepouzivas, odporucam odinstalovat Seznam Software (Seznam Listicka).

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

Potvora lištička mi odinstalovat nejde, hlásí to nějakou chybu.

Log zde:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-01.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-03-2018
# Duration: 00:00:31
# OS: Windows 10 Home
# Scanned: 31913
# Detected: 6


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

PUP.Optional.Legacy C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks\Driver Booster Scheduler

***** [ Registry ] *****

PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B68EAB3-11A9-4CC4-9668-CE410F8F0C07}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1793 octets] - [13/05/2018 11:52:39]
AdwCleaner[C00].txt - [1786 octets] - [13/05/2018 12:03:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-01.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-03-2018
# Duration: 00:00:08
# OS: Windows 10 Home
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\Driver Booster Scheduler

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B68EAB3-11A9-4CC4-9668-CE410F8F0C07}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1793 octets] - [13/05/2018 11:52:39]
AdwCleaner[C00].txt - [1786 octets] - [13/05/2018 12:03:40]
AdwCleaner[S01].txt - [1851 octets] - [03/10/2018 17:21:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=154679

1.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.10.2018
Ran by Dadejs (administrator) on DADEJS-PC (03-10-2018 18:40:08)
Running from C:\Users\Dadejs\Desktop
Loaded Profiles: Dadejs (Available Profiles: Dadejs & DefaultAppPool)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\jmesoft\Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\MsMpEng.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\SAMSUNG\Samsung Link\Samsung Link Tray Agent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [615144 2016-03-09] (Samsung Electronics Co.,Ltd)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-30] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc.)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe [118784 2011-03-21] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-16] ()
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-09] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-08] (Lenovo)
HKLM-x32\...\Run: [4-Day Forecast] => C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe [1060864 2008-11-10] ()
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\RAPTRS~1.EXE [56080 2015-10-01] (Raptr, Inc)
HKLM-x32\...\Run: [SilentCleanService] => C:\Program Files (x86)\iMobie\PhoneClean\SilentCleanServer.exe [488936 2018-01-04] (iMobie Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [2174072 2018-02-27] ()
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [Google Update] => C:\Users\Dadejs\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-17] (Google Inc.)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [MusicManager] => C:\Users\Dadejs\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [5968896 2018-01-30] (Google Inc.)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Dadejs\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263040 2018-02-16] (Disc Soft Ltd)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam2\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2017-12-26]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{2faf1ea1-f0a0-4770-9457-da6c90906265}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{32e90e6b-2749-4fe6-b287-ffdfbc08fe80}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2026504303-3394863346-1200617100-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-09-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-25] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-15] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-15] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 6iacqo6s.default-1402684941049-1528641835316
FF ProfilePath: C:\Users\Dadejs\AppData\Roaming\Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316 [2018-10-03]
FF Homepage: Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316 -> hxxps://www.centrum.cz/
FF Extension: (Avast Online Security) - C:\Users\Dadejs\AppData\Roaming\Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316\Extensions\wrc@avast.com.xpi [2018-06-25]
FF Extension: (Video DownloadHelper) - C:\Users\Dadejs\AppData\Roaming\Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-01]
FF Extension: (Firefox Monitor) - C:\Users\Dadejs\AppData\Roaming\Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316\features\{9f60ec91-293a-4cfa-aa54-54ec7920516b}\fxmonitor@mozilla.org.xpi [2018-09-25]
FF Extension: (Telemetry coverage) - C:\Users\Dadejs\AppData\Roaming\Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316\features\{9f60ec91-293a-4cfa-aa54-54ec7920516b}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-25] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-11-19] [Legacy] [not signed]
FF HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-12] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2011-10-17] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin HKU\S-1-5-21-2026504303-3394863346-1200617100-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Dadejs\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2026504303-3394863346-1200617100-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Dadejs\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2026504303-3394863346-1200617100-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dadejs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default [2018-10-02]
CHR Extension: (Prezentace) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-15]
CHR Extension: (Dokumenty) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-15]
CHR Extension: (Disk Google) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-15]
CHR Extension: (YouTube) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-15]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-20]
CHR Extension: (Tabulky) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-15]
CHR Extension: (Avast Online Security) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-15]
CHR Extension: (Gmail) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-15]
CHR Extension: (Chrome Media Router) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-30] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-06] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-30] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-06] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-08-30] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [7649576 2018-03-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-02-16] (Disc Soft Ltd)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2018-04-17] (Foxit Software Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [505856 2017-02-27] (Intel Corporation) [File not signed]
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-16] () [File not signed]
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [271128 2017-06-09] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-10-01] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-10-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [199712 2018-08-30] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384 2018-08-30] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201320 2018-08-30] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-30] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59568 2018-08-30] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-25] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249016 2018-08-30] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163272 2018-08-30] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111864 2018-08-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87904 2018-08-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-08-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467232 2018-08-30] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214800 2018-08-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381560 2018-08-30] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2017-04-23] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2018-07-28] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-02-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-02-25] (Disc Soft Ltd)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [472016 2017-06-02] (Intel Corporation)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed]
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-04-23] (REALiX(tm))
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [259360 2018-10-03] (Malwarebytes)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [424384 2018-04-15] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-10-01] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [352424 2018-10-01] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-10-01] (Microsoft Corporation)
R0 WinI2C-DDC; C:\WINDOWS\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-23] (Nicomsoft Ltd.)
S1 hsemclvc; \??\C:\WINDOWS\system32\drivers\hsemclvc.sys [X]
S1 MpKslb397354c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AFFE26B0-0FC1-486A-A0AB-24B73D09A774}\MpKslb397354c.sys [X]
S1 odtkleju; \??\C:\WINDOWS\system32\drivers\odtkleju.sys [X]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-03 18:40 - 2018-10-03 18:43 - 000029380 _____ C:\Users\Dadejs\Desktop\FRST.txt
2018-10-03 18:39 - 2018-10-03 18:39 - 000000000 ____D C:\Users\Dadejs\Desktop\FRST-OlderVersion
2018-10-03 18:34 - 2018-10-03 18:39 - 002414080 _____ (Farbar) C:\Users\Dadejs\Desktop\FRST64.exe
2018-10-03 17:25 - 2018-10-03 17:25 - 000003176 _____ C:\WINDOWS\System32\Tasks\AdwCleaner_onReboot
2018-10-03 17:18 - 2018-10-03 17:18 - 007592144 _____ (Malwarebytes) C:\Users\Dadejs\Desktop\adwcleaner_7.2.4.0.exe
2018-10-02 18:22 - 2018-10-02 18:22 - 001222144 _____ C:\Users\Dadejs\Desktop\RSITx64.exe
2018-09-30 12:55 - 2018-09-30 12:55 - 000000000 ____D C:\Users\Dadejs\AppData\Local\mbam
2018-09-30 11:00 - 2018-10-02 17:41 - 000000504 _____ C:\WINDOWS\Tasks\Avast Driver Updater Startup.job
2018-09-30 11:00 - 2018-09-30 11:00 - 000003004 _____ C:\WINDOWS\System32\Tasks\Avast Driver Updater Startup
2018-09-30 10:59 - 2018-09-30 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater
2018-09-30 10:59 - 2018-09-30 10:59 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater
2018-09-26 17:24 - 2018-09-26 21:50 - 000000000 ____D C:\Users\Dadejs\Documents\NHL09
2018-09-26 17:23 - 2018-09-26 17:23 - 000002034 _____ C:\WINDOWS\SysWOW64\ealregsnapshot1.reg
2018-09-26 17:22 - 2018-09-26 17:22 - 000001776 _____ C:\Users\Public\Desktop\NHL® 09.lnk
2018-09-26 17:19 - 2018-09-26 17:19 - 000000000 ____D C:\Program Files (x86)\EA Sports
2018-09-21 22:12 - 2018-09-21 22:12 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-09-21 22:12 - 2018-09-21 22:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-09-21 22:11 - 2018-09-21 22:11 - 000000000 ____D C:\Program Files\iPod
2018-09-21 22:08 - 2018-09-21 22:11 - 000000000 ____D C:\Program Files\iTunes
2018-09-15 22:35 - 2018-09-15 22:35 - 000002261 _____ C:\Users\Dadejs\Desktop\Google Chrome (2).lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-09-14 22:45 - 2018-09-14 22:45 - 000001559 _____ C:\Users\Dadejs\Desktop\Extraliga 2018-19.xlsx – zástupce.lnk
2018-09-12 22:16 - 2018-09-12 22:18 - 000000000 ____D C:\Users\Dadejs\AppData\Local\Adobe
2018-09-11 19:09 - 2018-09-11 19:09 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-09-07 22:55 - 2018-10-03 17:27 - 000259360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-03 18:40 - 2017-11-18 20:52 - 000000000 ____D C:\FRST
2018-10-03 18:39 - 2016-11-19 09:22 - 000000000 ____D C:\Users\Dadejs\AppData\LocalLow\Mozilla
2018-10-03 18:37 - 2017-04-22 12:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-03 18:37 - 2013-08-17 19:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-03 18:37 - 2012-11-23 23:48 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-03 18:31 - 2017-12-16 16:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-03 17:39 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-10-03 17:33 - 2018-07-25 18:51 - 000000000 ____D C:\Users\Dadejs\AppData\Local\AVAST Software
2018-10-03 17:32 - 2018-04-15 11:00 - 000000000 ___RD C:\Users\Dadejs\iCloudDrive
2018-10-03 17:28 - 2011-08-26 05:10 - 000260725 _____ C:\WINDOWS\system32\fastboot.set
2018-10-03 17:27 - 2017-12-16 17:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-03 17:26 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-02 18:24 - 2012-12-21 19:42 - 000000000 ____D C:\Program Files\trend micro
2018-10-02 18:12 - 2018-06-26 23:07 - 000000000 ____D C:\Users\Dadejs\AppData\Local\CrashDumps
2018-10-02 18:12 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-10-02 18:10 - 2015-12-19 14:46 - 000000000 ____D C:\Program Files\CCleaner
2018-10-02 18:09 - 2017-12-16 17:27 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-10-02 18:09 - 2015-12-19 14:46 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-10-01 21:48 - 2018-03-03 17:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-10-01 21:36 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-09-30 12:54 - 2017-12-16 17:27 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-09-30 12:54 - 2017-12-16 17:27 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-09-26 21:46 - 2011-11-19 17:35 - 000000000 ____D C:\Users\Dadejs\Documents\Moto
2018-09-26 17:57 - 2018-07-25 17:49 - 000000000 ____D C:\Program Files (x86)\Steam2
2018-09-26 17:23 - 2015-08-06 21:36 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-09-26 17:22 - 2011-11-19 20:19 - 000000000 ____D C:\Users\Dadejs\AppData\Local\Downloaded Installations
2018-09-26 16:44 - 2017-05-13 20:12 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2018-09-23 14:37 - 2017-12-16 16:59 - 000000000 ____D C:\Users\DefaultAppPool
2018-09-21 19:59 - 2018-06-01 22:19 - 000000000 ____D C:\Users\Dadejs\AppData\Roaming\Media Player Classic
2018-09-21 19:59 - 2018-02-25 12:15 - 000000000 ____D C:\Users\Dadejs\AppData\Roaming\DAEMON Tools Lite
2018-09-21 19:58 - 2017-12-25 09:51 - 000000000 ____D C:\WINDOWS\Minidump
2018-09-20 18:01 - 2016-08-15 18:47 - 000000000 ____D C:\Users\Dadejs\Documents\tata
2018-09-19 22:16 - 2018-04-06 17:26 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-09-19 22:00 - 2012-09-16 09:18 - 000000000 ____D C:\Users\Dadejs\Documents\comics
2018-09-18 22:00 - 2014-11-27 08:37 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-15 20:16 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-15 20:10 - 2011-11-19 17:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-09-12 22:17 - 2018-03-14 19:11 - 000004646 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-12 22:17 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-09-12 22:17 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-09-08 22:41 - 2017-12-16 16:59 - 000000000 ____D C:\Users\Dadejs
2018-09-07 22:53 - 2018-04-05 21:24 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-09-05 21:40 - 2013-12-27 08:51 - 000000000 ____D C:\Users\Dadejs\Documents\Film

==================== Files in the root of some directories =======

2018-02-28 23:33 - 2018-04-10 21:59 - 000004096 ____H () C:\Users\Dadejs\AppData\Local\keyfile3.drm
2017-09-06 22:15 - 2017-09-06 22:15 - 000002288 _____ () C:\Users\Dadejs\AppData\Local\recently-used.xbel
2014-05-17 21:09 - 2014-11-04 22:18 - 000007610 _____ () C:\Users\Dadejs\AppData\Local\Resmon.ResmonCfg
2012-04-21 10:51 - 2012-04-21 10:52 - 000000210 _____ () C:\Users\Dadejs\AppData\Local\SRDownloader.err
2012-04-21 10:50 - 2012-04-21 10:53 - 000001528 _____ () C:\Users\Dadejs\AppData\Local\SRDownloader.nast

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-12 20:10

==================== End of FRST.txt ============================

2.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.10.2018
Ran by Dadejs (03-10-2018 18:44:15)
Running from C:\Users\Dadejs\Desktop
Windows 10 Home Version 1709 16299.431 (X64) (2017-12-16 15:29:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2026504303-3394863346-1200617100-500 - Administrator - Disabled)
Dadejs (S-1-5-21-2026504303-3394863346-1200617100-1001 - Administrator - Enabled) => C:\Users\Dadejs
DefaultAccount (S-1-5-21-2026504303-3394863346-1200617100-503 - Limited - Disabled)
Guest (S-1-5-21-2026504303-3394863346-1200617100-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2026504303-3394863346-1200617100-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1483, 27.02.2015 - AIMP DevTeam)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 17.3.4228 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{984D8789-07A6-4CD8-9766-35408C67395D}) (Version: 2.4.0 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.4.0 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.0.792.81 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
ComicRack v0.9.177 (HKLM\...\ComicRack) (Version: v0.9.177 - cYo Soft)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.1.0342 - Disc Soft Ltd)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.5.1 - IObit)
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.2.4 - CEWE Stiftung u Co. KGaA)
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Foxit PhantomPDF Standard (HKLM-x32\...\{002C7EBB-F986-4C33-AD1A-9A1570F2FBBE}) (Version: 7.2.0.722 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.1.0.5096 - Foxit Software Inc.)
GonVisor 2.51.04 (HKLM-x32\...\GonVisor_is1) (Version: - GON)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Harry Potter (HKLM-x32\...\{3F50AF3B-8997-4916-0095-99D63DDB785A}) (Version: - )
Harry Potter CZ (HKLM-x32\...\Harry Potter CZ) (Version: - )
Harry Potter II (HKLM-x32\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version: - )
Harry Potter(TM) a vězeň z Azkabanu (HKLM-x32\...\{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}) (Version: - )
HF Designer 5.2 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.)
iMyfone Umate 3.5.0.0 (HKLM-x32\...\{5284F901-9F62-4462-A0E6-2E4373A64454}_is1) (Version: 3.5.0.0 - Shenzhen iMyfone Technology Co., Ltd.)
Intel(R) Network Connections 22.1.104.0 (HKLM\...\PROSetDX) (Version: 22.1.104.0 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{9F1EE6A3-7BDE-48CC-BC81-1EA3D21D94E3}) (Version: 12.9.0.167 - Apple Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Johanka z Arku (HKLM-x32\...\{F2AFB780-FF87-4E4B-8097-451152CDD321}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
Lenovo Solution Center (HKLM\...\{06913C0C-88EB-42AF-9D94-3E9136CEE9BC}) (Version: 3.6.002.003 - Lenovo)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Medvěd Míša - Cesta kolem světa (HKLM-x32\...\Medvěd Míša - Cesta kolem světa) (Version: - )
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 62.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.3 (x64 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0a1 - Mozilla)
Music Manager (HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\MusicManager) (Version: - Google, Inc.)
NHL® 09 (HKLM-x32\...\{F2B5A2A7-2DF9-4361-8BD5-362714528B51}) (Version: 2.0.1.0 - Electronic Arts)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PhoneClean (HKLM-x32\...\PhoneClean) (Version: 5.1.1.0 - iMobie Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Pokémon Trading Card Game Online (HKLM-x32\...\{81A5C6E9-AF9A-4EF9-B3C4-F9001D59800B}) (Version: 2.25.0 - The Pokémon Company International)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.8.2500 - Jan Fiala)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6230 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Seznam Software (HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\SeznamInstall) (Version: - Seznam.cz)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Slovník Verdict Free (a internetový překladač) (HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Verdict Free) (Version: - )
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
SPCA1628 PC Driver (HKLM-x32\...\{5F1C7F21-AB33-4362-BCEE-6E0FD1EDC6D8}) (Version: 1.2.1.0 - Icatch)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sweet Home 3D version 4.6 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
Syncios 6.3.3 (HKLM-x32\...\Syncios) (Version: 6.3.3 - Anvsoft)
Tomb Raider II (HKLM-x32\...\Tomb Raider II) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VobSub 2.23 (HKLM-x32\...\VobSub) (Version: 2.23 - Gabest)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2026504303-3394863346-1200617100-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Dadejs\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2026504303-3394863346-1200617100-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dadejs\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2026504303-3394863346-1200617100-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-07-10] (Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-02-16] (Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-02-16] (Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {014B00E9-0FC2-4C75-BEB8-43876596CEC3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
"{0319D346-9E60-4CE2-B937-EF6C981CC0F1}" task was unlocked. <==== ATTENTION
"{03BAB3F3-7CFB-408A-9756-70F45BE325AC}" task was unlocked. <==== ATTENTION
"{04E9E27D-20BA-4966-9A08-59E136EAC4E1}" task was unlocked. <==== ATTENTION
"{050CEDD3-9FA4-4FD4-9E7D-0C1BD2A2327C}" task was unlocked. <==== ATTENTION
"{05336594-7C19-4BFE-BD11-D0C01A1BEBD9}" task was unlocked. <==== ATTENTION
"{0621FDBB-ADD5-44B7-A2AB-8288118B6295}" task was unlocked. <==== ATTENTION
Task: {07744BA4-96B1-4F11-8DCE-5FD63803FAFE} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2017-06-09] (Lenovo)
"{086C0D27-1C10-401B-91E0-5B520679C1AF}" task was unlocked. <==== ATTENTION
"{08ECD6F8-3E70-482C-9F54-C96A9C1A773F}" task was unlocked. <==== ATTENTION
"{0A063F1F-FD4F-4649-88AC-8D1D2F997CB9}" task was unlocked. <==== ATTENTION
Task: {0A86DDF4-6781-4197-AC2B-83D4E0DCD137} - System32\Tasks\{E514DE3A-4FCA-467E-941A-18C7F5CB3A41} => C:\windows\system32\pcalua.exe -a C:\Users\Dadejs\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=obw
"{0B0769E9-1E00-4421-A10B-980BA1360A23}" task was unlocked. <==== ATTENTION
Task: {0B0B287C-CEF0-40F9-8575-F88C2C452C6F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0C57EBB9-7E46-4793-95A7-65F4CA0863BE} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
"{0F807A51-1ECC-4778-B874-7A001F54BA47}" task was unlocked. <==== ATTENTION
Task: {13CB64C3-5AAB-4364-B971-DAD06345D588} - System32\Tasks\{CA57B439-FA24-4A52-BBD1-CE08A387C814} => C:\windows\system32\pcalua.exe -a D:\SETUP.EXE -d D:\
"{158D3281-FEB3-47C2-87B9-EE652382C0AB}" task was unlocked. <==== ATTENTION
Task: {1797599F-5E83-4726-9072-597EE8009E7A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
"{17A68EC1-555F-454C-9497-A48240207E9F}" task was unlocked. <==== ATTENTION
"{186E9E68-B19B-4176-A17A-52E89C77CE3C}" task was unlocked. <==== ATTENTION
Task: {188DC2B1-C853-4CC2-9595-51C3DD5E79E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-15] (Microsoft Corporation)
"{189D42EF-2591-48A8-B909-B9641012E4A0}" task was unlocked. <==== ATTENTION
Task: {1956A466-0499-4615-82AB-273C27CDE05D} - System32\Tasks\{44B4B797-88CB-44D2-BBD7-94D8305AD30D} => C:\GOG Games\Fallout\falloutw.exe
Task: {1A03F2AF-5250-4B79-8D91-E91013682100} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-01] (Microsoft Corporation)
"{1AC6AC41-1738-4927-B753-9C8950F7EAC8}" task was unlocked. <==== ATTENTION
Task: {1B52CAA3-D13E-4A67-B865-4725666DF5C2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B82E762-6D0B-4E55-B6D1-068856B84159} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-30] (AVAST Software)
Task: {1C33348C-12FE-48B4-86C6-A126412224FB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2026504303-3394863346-1200617100-1001Core => C:\Users\Dadejs\AppData\Local\Google\Update\GoogleUpdate.exe [2016-11-27] (Google Inc.)
"{1E292176-992E-47B7-A51F-8272CD6AC2EF}" task was unlocked. <==== ATTENTION
Task: {1FF983FD-4654-4E88-80D3-B6B38D5D935A} - System32\Tasks\{878F13FE-1C23-497E-BAAC-B6E844415B90} => C:\windows\system32\pcalua.exe -a C:\Users\Dadejs\Documents\Downloads\Codecs6030_allin1.exe -d C:\Users\Dadejs\Documents\Downloads
"{22CE4332-A8D7-4E5F-A8B1-CDF64CD796D8}" task was unlocked. <==== ATTENTION
"{2314E520-E0D7-4B46-8EB4-7FEAA89B859C}" task was unlocked. <==== ATTENTION
"{24027046-B56F-4E19-9487-1C8F984C270B}" task was unlocked. <==== ATTENTION
"{2646432D-A31A-41EC-88D5-495FF767E1ED}" task was unlocked. <==== ATTENTION
"{26810429-E00E-44DC-8EB3-0F924A856085}" task was unlocked. <==== ATTENTION
"{27063F07-F01A-4F6E-8A90-DF0D9F497D77}" task was unlocked. <==== ATTENTION
Task: {28C779DC-016D-43AF-8D67-27474A3D5179} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {2A0EE3BC-C873-4413-9161-31F1CCDF26EC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
"{2C807F3D-B764-4990-BE1A-C2466CA7CF8E}" task was unlocked. <==== ATTENTION
Task: {33DCD19E-2FB8-4EBD-9A2D-68C3E4296CAF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd)
Task: {3502E266-2B0B-4E9C-A9EE-8C490266F114} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
"{35586928-753A-4F72-9A56-EAB9F75B4092}" task was unlocked. <==== ATTENTION
"{36713542-0103-4035-B316-A447E72506AC}" task was unlocked. <==== ATTENTION
"{36EECAE1-3E34-4A61-8394-42D7F23F0455}" task was unlocked. <==== ATTENTION
"{37292EA8-F458-47ED-A55C-5A3A1CCF5FD5}" task was unlocked. <==== ATTENTION
"{37449A31-039E-4B1D-8F13-E8C24D7833D4}" task was unlocked. <==== ATTENTION
"{37E715E6-383C-4ADF-813E-10FF9F50D9F7}" task was unlocked. <==== ATTENTION
"{3891CB81-CF07-4ECD-A7CE-59544F84AF7D}" task was unlocked. <==== ATTENTION
"{39C8DA71-062F-415D-8BE0-127595074C19}" task was unlocked. <==== ATTENTION
"{3C0B9BA7-7D02-4CCC-AE36-5E5F3CD1F9A3}" task was unlocked. <==== ATTENTION
"{3C336B7D-4F6B-4B02-8478-EAD76B10C9AD}" task was unlocked. <==== ATTENTION
"{4028F806-9647-43EC-87FA-8B810DFD9141}" task was unlocked. <==== ATTENTION
Task: {40C0FA96-0B2E-429A-8774-86F1C1D170B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
"{4296989E-CB82-465D-9B7A-E709F8492C99}" task was unlocked. <==== ATTENTION
"{43027CE9-4016-4145-93E0-BAECC8E89B94}" task was unlocked. <==== ATTENTION
"{4517DBBD-42D9-439E-B523-2294724133D2}" task was unlocked. <==== ATTENTION
"{4520E8A9-AF06-4122-859B-E4B655B29B36}" task was unlocked. <==== ATTENTION
"{483FAC9D-5977-47EF-80D1-80E063A3AAAB}" task was unlocked. <==== ATTENTION
"{4A52E557-CBD2-4032-A8DF-42811A3A773D}" task was unlocked. <==== ATTENTION
Task: {4BE3DCD3-68D1-4482-A5D2-9A70D08D3758} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-01] (Microsoft Corporation)
Task: {4C1AF2EE-62A9-4754-880A-863DB5E84141} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {4D03A5CE-4403-46B4-8E03-B54B96B56A15} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-15] (Microsoft Corporation)
"{4FC5FA4E-102D-41FF-AD93-38654F2D12F2}" task was unlocked. <==== ATTENTION
"{5066CE53-F6C1-482A-94A5-9F8B8E77E9EF}" task was unlocked. <==== ATTENTION
Task: {51AE2A5F-DAC4-4447-BC98-B1567A14AEA7} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
"{51B7FB15-4DCB-400E-9A98-10E802F21FB3}" task was unlocked. <==== ATTENTION
"{5267392F-5BB8-45A6-AD93-10211E2F8850}" task was unlocked. <==== ATTENTION
Task: {5447DC40-E9C3-459D-A08E-ECA330D00247} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
"{545B5BF9-3D17-4EC0-8F78-A08C9F56FBCF}" task was unlocked. <==== ATTENTION
Task: {558CA25D-D156-4FB1-8DCE-1D0C476C16CD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
"{56478235-C914-438B-85CA-52568369A023}" task was unlocked. <==== ATTENTION
"{568AC0B6-44BB-4D3E-B7CB-D4649085FAB7}" task was unlocked. <==== ATTENTION
"{569538E5-354B-4206-BE67-47DAD594A707}" task was unlocked. <==== ATTENTION
"{57B14E59-8805-4BF3-B1F8-E86B92973ABF}" task was unlocked. <==== ATTENTION
"{5810571C-1162-4627-BE06-95F3CCAF7821}" task was unlocked. <==== ATTENTION
"{5A201377-91EE-4904-B2C6-9F7D7456A03F}" task was unlocked. <==== ATTENTION
Task: {5AEADF20-E6D4-4C6C-AB5D-A3846B50678A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-01] (Microsoft Corporation)
"{5B3610B8-EB8F-483D-9D5D-EFB6075BE647}" task was unlocked. <==== ATTENTION
"{5C020530-D866-421B-B15E-7EB9C7FA4D3B}" task was unlocked. <==== ATTENTION
Task: {5E5A974C-3BA8-49B9-9E85-436CA06368A2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2026504303-3394863346-1200617100-1001UA => C:\Users\Dadejs\AppData\Local\Google\Update\GoogleUpdate.exe [2016-11-27] (Google Inc.)
"{5F5BF124-A1B2-4BEB-8C6B-5AD2F2D1C3DB}" task was unlocked. <==== ATTENTION
"{61BAF05A-8050-481F-9368-9B62A53BC9C5}" task was unlocked. <==== ATTENTION
"{62378FC3-69C0-4B92-B72B-7652D823ABDE}" task was unlocked. <==== ATTENTION
"{650751B8-0586-401C-95FF-65523D62D989}" task was unlocked. <==== ATTENTION
"{66156864-BE3D-4705-B360-7A9055061F16}" task was unlocked. <==== ATTENTION
"{67889EEC-D7B4-43D3-B82C-D0DBA3522591}" task was unlocked. <==== ATTENTION
"{6831246E-D3E2-469C-9079-23FA53AC7712}" task was unlocked. <==== ATTENTION
"{6AF2B5AF-12F7-4A18-8717-7EE7080D2E29}" task was unlocked. <==== ATTENTION
"{6AF76128-8D3D-4190-88A8-78A1FDB651A8}" task was unlocked. <==== ATTENTION
Task: {6B6E444D-B4DF-4B56-B2B3-87356F18890F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
"{6C347398-3BF5-4CFF-A5E4-2151CC42B359}" task was unlocked. <==== ATTENTION
Task: {6C669153-A7D2-46DE-9B66-9423A411CD6B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
"{6E5F8BCA-89EE-4A07-81A9-4BC979E04A40}" task was unlocked. <==== ATTENTION
"{6EE17B2A-BD42-482C-8D89-88F3F3D06E9A}" task was unlocked. <==== ATTENTION
"{6F0BC9E8-7975-4BBA-BA11-1B177AA4EBB4}" task was unlocked. <==== ATTENTION
"{70199A58-3233-4F29-BBD6-A1040484A4D4}" task was unlocked. <==== ATTENTION
"{71B5B3B5-F3E4-4EDE-ACCD-2668A19D5CE7}" task was unlocked. <==== ATTENTION
"{724A82BA-0CD9-4932-A8F8-AE155346DC7A}" task was unlocked. <==== ATTENTION
"{72505299-C884-45D7-8FD6-026C2FFBE32D}" task was unlocked. <==== ATTENTION
"{72823FDD-BD1E-49B3-B82A-E44C027AE934}" task was unlocked. <==== ATTENTION
Task: {73633DA9-E7C4-4ABC-9B1A-175F39DEB066} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-15] (Microsoft Corporation)
Task: {750A1186-5E17-46C4-8B71-BEEB1885DAF0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {77E7D077-DE5B-4F65-9832-94BB208B03D0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {78CEE009-1655-46C0-AE54-5A543B5B0160} - System32\Tasks\{4A6B67A3-0270-43C5-9400-9DB166E1309D} => C:\windows\system32\pcalua.exe -a C:\Users\Dadejs\Documents\Downloads\iview438_setup.exe -d C:\Users\Dadejs\Documents\Downloads
"{798E0AF4-3ED7-4D41-B06F-5261474509DE}" task was unlocked. <==== ATTENTION
Task: {7BB64BC3-3150-4D75-9DAD-4B1AE2D293E6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-12] (Adobe Systems Incorporated)
"{7CBDBFDC-601B-4E16-8FF7-A5B2D18AB963}" task was unlocked. <==== ATTENTION
Task: {7CF077A1-BFF1-4030-B7D7-A8811F0FCBF3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {80186BE4-ECC0-4BB8-AC94-BCE8D359C22B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
"{823907E4-225B-4EF7-AF4B-8BD3F3493491}" task was unlocked. <==== ATTENTION
"{82B5AAEF-39CD-42E6-839C-D4724378C033}" task was unlocked. <==== ATTENTION
Task: {82D96A23-59EB-4B6C-8F52-9994658C5C09} - System32\Tasks\{7F87A7A7-F6C9-441A-8FE1-F1887F4F4BD7} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\RegiStax 6\Uninstal.exe"
"{82F4D23B-6094-4A71-881F-1E15A6319E3E}" task was unlocked. <==== ATTENTION
Task: {82FE984A-1B8F-4B21-8455-4EBE817A8DA3} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Dadejs\Desktop\adwcleaner_7.2.4.0.exe [2018-10-03] (Malwarebytes)
"{87E3E665-30F8-4B90-95CA-CDFDAF7E5FEB}" task was unlocked. <==== ATTENTION
Task: {89E3FD2D-6A74-4EAA-AD62-AC6103CEA7E3} - System32\Tasks\Driver Booster SkipUAC (Dadejs) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe [2018-07-06] (IObit)
"{8C5D0486-F6FB-491D-BDE8-EA17DFD04457}" task was unlocked. <==== ATTENTION
Task: {8D145074-E58C-4C36-A69C-10B2FF03EC04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
"{8DC4F6F2-5AC8-41B5-8461-383B58804B47}" task was unlocked. <==== ATTENTION
"{8E41C770-D98C-4204-A13A-0BA7C577AD02}" task was unlocked. <==== ATTENTION
"{8E7BC73C-7600-496B-9EA7-DF5B30C4B9F1}" task was unlocked. <==== ATTENTION
"{9202D2AF-F1E6-4D6B-AA7E-FC0654E3635A}" task was unlocked. <==== ATTENTION
Task: {927CDE65-D7D6-4FD2-BAC8-9DEBCA3A78FA} - System32\Tasks\{72C7426E-7FBD-429F-84D3-96BAA652A4AE} => C:\windows\system32\pcalua.exe -a D:\setup.exe -d D:\
"{931BE2FA-8F50-4C1A-BFD8-150C55D25502}" task was unlocked. <==== ATTENTION
"{9382EF2C-1C04-478F-9AD2-8D98DCA93085}" task was unlocked. <==== ATTENTION
Task: {9483162D-1BD5-45EA-B080-CA6B125CC8B5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
"{95812E91-F632-41D2-BA27-1B515BFBF299}" task was unlocked. <==== ATTENTION
Task: {97743A4B-CEA5-4B6E-B364-155A2EBEE1A0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
"{9A149913-6192-4221-841A-2D904528AAC3}" task was unlocked. <==== ATTENTION
"{9C7D670F-D8AA-4310-B11E-79D3738AB035}" task was unlocked. <==== ATTENTION
"{9D5DB7FB-8385-4592-B395-B99FADACACA3}" task was unlocked. <==== ATTENTION
"{9EDF61A5-AC02-4911-A5F2-857CF14AFFAD}" task was unlocked. <==== ATTENTION
"{A03F0342-7B29-4EDF-A3FF-EC36171E4487}" task was unlocked. <==== ATTENTION
"{A108828C-AC12-4613-8D0C-9DF73E983E77}" task was unlocked. <==== ATTENTION
"{A5C1489F-D79F-43B2-B433-EAAFE0E7ADA5}" task was unlocked. <==== ATTENTION
"{A70D812D-3245-46FF-8651-2472A6A6875B}" task was unlocked. <==== ATTENTION
"{A7C57A41-D764-4AAB-BBDE-BB8DAA2BE5DD}" task was unlocked. <==== ATTENTION
"{A7FDF706-59A4-4F5F-8274-DAB060A8F56E}" task was unlocked. <==== ATTENTION
"{A8E38795-E6D5-44C1-83B8-D3D0811ACE2E}" task was unlocked. <==== ATTENTION
"{AB90E5E3-399D-47FF-B197-A0A789D8C521}" task was unlocked. <==== ATTENTION
"{ABAAFA95-4331-4259-B7CF-AD53C5E8B786}" task was unlocked. <==== ATTENTION
"{ABC2A8CE-766D-49C9-9126-FDEA4B45FB34}" task was unlocked. <==== ATTENTION
"{AD4D7CA0-E12F-415A-9EC8-CAD721491E04}" task was unlocked. <==== ATTENTION
"{AE29E8A6-9708-4CB5-8282-D7F7291DCC34}" task was unlocked. <==== ATTENTION
"{B1044451-BB1F-408B-ACEA-4C3403A7E5A9}" task was unlocked. <==== ATTENTION
Task: {B1EDAB93-1145-47DE-8155-870E418DA35B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B27B7120-2E20-40F2-A1FB-B7A34685549B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-15] (Microsoft Corporation)
"{B2B85895-09A2-4BC3-BBF9-9B74780BFE62}" task was unlocked. <==== ATTENTION
"{B2DBA6F1-683B-44EC-855D-620ECFE5185B}" task was unlocked. <==== ATTENTION
"{B320E058-C6FA-413F-876B-0C9B4428AE66}" task was unlocked. <==== ATTENTION
"{B38EADAA-FBBE-4A90-BAE4-3F6BCC5C5BC7}" task was unlocked. <==== ATTENTION
"{B4B73970-0DD1-45A9-87C1-F7A21F9A05CC}" task was unlocked. <==== ATTENTION
Task: {B6AF02A7-D5E3-41D2-B353-8D0E16BBD60C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2017-06-09] ()
Task: {BA6E9187-0CF7-433F-91AD-55547E5D9342} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-01] (Microsoft Corporation)
"{BC40FCF6-98AA-466D-98D4-D4D532C3007D}" task was unlocked. <==== ATTENTION
Task: {BE2A0742-9AC2-4716-BBF2-D09EA9D30166} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BEBA772A-BBFA-4651-BBE0-94BC730E0319} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [2018-07-18] (AVAST Software)
"{C05CF805-420D-41C7-9E13-86ED6E546B7E}" task was unlocked. <==== ATTENTION
"{C22CCCBC-BD47-4E2E-81AB-02A4F53064C1}" task was unlocked. <==== ATTENTION
Task: {C2C378A0-1A9E-4FE5-841D-DA99DDC05962} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C66C894F-A332-493B-97AB-FFC842E80657} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-09-15] (Microsoft Corporation)
"{C6A91CB5-D958-4029-9301-1943231137AF}" task was unlocked. <==== ATTENTION
"{C6B2579B-4962-4D12-883D-BBD420573A6C}" task was unlocked. <==== ATTENTION
Task: {C6D0E85B-9965-42F7-A983-4701E4AF5CBA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-05-12] (Microsoft Corporation)
Task: {C7F434F4-A0D2-4238-AB6B-F8B69C97F220} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
"{C8252966-561E-44F5-8E10-113984BF4843}" task was unlocked. <==== ATTENTION
"{C89FB80E-7881-4C3F-9506-00342D8BC3F1}" task was unlocked. <==== ATTENTION
"{C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB}" task was unlocked. <==== ATTENTION
"{CC012300-06C1-4CFD-AC88-5BDAB7548D99}" task was unlocked. <==== ATTENTION
"{CECD7802-159F-445B-B714-1BB3840E107E}" task was unlocked. <==== ATTENTION
Task: {CF612478-EF47-43FD-9726-5ADCFDC0EC85} - System32\Tasks\{27D3FB9A-BF9A-4C67-B71D-8810AA7305DB} => C:\windows\system32\pcalua.exe -a "C:\Users\Dadejs\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" -c /initurl hxxp://bi.bisrv.com/:affid:/:sid:/:uid:? /affid uninstall /id uninstall /name "Bundled software uninstaller"
"{CF842F82-5CE4-44CE-93D4-750EE07191DC}" task was unlocked. <==== ATTENTION
Task: {CFF4FFCD-96B8-4F9E-9AE8-7A46580BAEE0} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
"{D0218C70-9C99-4043-BF17-667E1AE5C42E}" task was unlocked. <==== ATTENTION
"{D075280B-9BB2-404D-9BA3-4586C36B7C7E}" task was unlocked. <==== ATTENTION
"{D0A89826-6023-4661-975D-0CE62FBF194D}" task was unlocked. <==== ATTENTION
"{D11010CF-25A1-43AD-B92C-EEBFAA4E1EFB}" task was unlocked. <==== ATTENTION
"{D19A2726-897E-4F7D-9CE4-0773B449CE9E}" task was unlocked. <==== ATTENTION
"{D2E38DD0-019E-42DB-B34D-2CE5DC12ED7A}" task was unlocked. <==== ATTENTION
"{D5272796-4812-49FB-B893-4B15630B0D4B}" task was unlocked. <==== ATTENTION
"{D70909C0-ECC0-4B6E-A5B0-AA556929948A}" task was unlocked. <==== ATTENTION
"{D79F475D-4638-44CE-AE6A-F20F107C41CE}" task was unlocked. <==== ATTENTION
"{D80AA3A2-189B-4A11-8828-511E6BAE5426}" task was unlocked. <==== ATTENTION
"{D9F1E806-3A7A-410A-A1A4-BFA564AAAEE6}" task was unlocked. <==== ATTENTION
"{D9F734C9-D893-4CC4-935E-10996BC25C9E}" task was unlocked. <==== ATTENTION
Task: {DA27B917-0C6B-4B5C-94FA-739B7A76DED0} - System32\Tasks\{BB6158F1-4053-4F3D-978B-40FC71283A3C} => C:\GOG Games\Fallout\falloutw.exe
Task: {DBD04159-3E48-44F2-A44E-3A95CA741E59} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
"{DE51FC11-6C38-440A-A9D2-2A0602690914}" task was unlocked. <==== ATTENTION
"{DF75705A-4BC8-4B67-8016-42B33768A374}" task was unlocked. <==== ATTENTION
"{E07239B6-8134-4053-A9EB-3750C8C8997C}" task was unlocked. <==== ATTENTION
"{E0D45B22-1A56-43FE-854C-DAFD1DDA1D61}" task was unlocked. <==== ATTENTION
"{E3DBE120-A4C2-4CD4-A364-C51992B36C98}" task was unlocked. <==== ATTENTION
"{E5182B77-08AA-49E5-AE8E-806A8F509499}" task was unlocked. <==== ATTENTION
"{E52928DD-BCA2-4E32-9B84-FFA7606694BE}" task was unlocked. <==== ATTENTION
"{E6010D43-6AE7-4B59-8E67-EC78FD8E8E96}" task was unlocked. <==== ATTENTION
Task: {E61E7209-A11F-4332-8AE6-075DD77E7EFB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
"{E9347D1E-28CB-4927-9928-07E3F27C0BB6}" task was unlocked. <==== ATTENTION
Task: {E93A9508-4365-49FA-BA87-3450F78805D3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-08-31] (AVAST Software)
"{E974E122-13F0-4D23-8F35-6BC2276522E4}" task was unlocked. <==== ATTENTION
"{EAE44DBA-F158-4EAA-8864-BCB05E36C20E}" task was unlocked. <==== ATTENTION
Task: {EB7ED247-3563-4777-AA6D-045AEB7F2290} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EB90F477-CA03-43BC-A3AD-ACA9A5B7BCBB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EBAAF2AB-C5B8-4D8D-A8BF-B2079EC87BB7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd)
"{EBC98788-6390-4C89-8DA8-94D6DBAF2038}" task was unlocked. <==== ATTENTION
Task: {ED15759A-A1B8-41E2-ACBE-46F44DBF8BD5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
"{EF54804E-C223-4211-94FA-93F425575B5B}" task was unlocked. <==== ATTENTION
"{EFC1298E-E083-4116-982F-6E29309536D1}" task was unlocked. <==== ATTENTION
"{F07217FD-A936-48B0-951B-876F836F05E2}" task was unlocked. <==== ATTENTION
"{F0A590C9-9AA0-48BB-B8D4-77D99A67BB0B}" task was unlocked. <==== ATTENTION
"{F1D63C54-FA88-48CF-B9EB-583FC03CFB8E}" task was unlocked. <==== ATTENTION
"{F322AEB8-9975-47C8-879F-0E32A5EAF6A5}" task was unlocked. <==== ATTENTION
"{F42908E9-8C42-4B8B-9E7D-7D177027C265}" task was unlocked. <==== ATTENTION
"{F4D8C2F5-8D0F-46C5-B6A9-F766A9E4B26E}" task was unlocked. <==== ATTENTION
"{F6027CB3-9A58-415A-80F2-B1404204D4F5}" task was unlocked. <==== ATTENTION
Task: {F6150514-5B22-4508-B23C-4C18B3D352A3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2017-06-09] (Lenovo)
"{F762479F-5A5A-4A57-99A4-19D5F576F34C}" task was unlocked. <==== ATTENTION
"{F8F8902D-2BE6-4F12-8A9A-00FA221A3146}" task was unlocked. <==== ATTENTION
Task: {F90469F5-8B6B-481A-AA39-B9BAA8B40EA2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-09-15] (Microsoft Corporation)
"{F9CE0C33-7E61-4DF2-BC66-B1BF04B51995}" task was unlocked. <==== ATTENTION
"{FA539782-A208-4DAD-AADC-48BBF20F8853}" task was unlocked. <==== ATTENTION
"{FB33F85F-C122-4ECB-B6B9-912DF79592C3}" task was unlocked. <==== ATTENTION
"{FC3CC2E0-9D3F-4ABD-BF38-79661F7A01E8}" task was unlocked. <==== ATTENTION
"{FF41608D-1F8E-42BF-932D-C0C97E391B2E}" task was unlocked. <==== ATTENTION
Task: {FF6E8F36-97D2-4654-BED3-D0974B598F98} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Dadejs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hudba Google Play.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-26 04:53 - 2011-03-16 05:47 - 000032768 _____ () C:\Windows\jmesoft\Service.exe
2015-11-08 18:14 - 2016-03-09 17:18 - 000025088 _____ () C:\Program Files\SAMSUNG\Samsung Link\JniSys.dll
2015-11-08 18:14 - 2016-03-09 17:18 - 002513920 _____ () C:\Program Files\SAMSUNG\Samsung Link\scone_proxy.dll
2015-11-08 18:14 - 2016-03-09 17:18 - 002436096 _____ () C:\Program Files\SAMSUNG\Samsung Link\scone_stub.dll
2013-12-21 12:25 - 2013-12-21 12:25 - 000036864 _____ () C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 12:26 - 2013-12-21 12:26 - 000144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 000018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 000030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 000908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 000521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 000016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 000049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 000299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 000058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2018-05-13 20:38 - 2018-05-13 20:38 - 000669696 ____N () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2018-06-23 17:02 - 2018-09-07 22:53 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-14 20:31 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 20:32 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 001304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2015-11-08 18:14 - 2016-03-09 17:18 - 000049664 _____ () C:\Program Files\SAMSUNG\Samsung Link\JniIO.dll
2011-08-26 04:53 - 2011-03-21 23:12 - 000020480 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2018-08-30 15:55 - 2018-08-30 15:55 - 000061408 _____ () C:\Program Files\CCleaner\branding.dll
2018-09-19 10:12 - 2018-09-19 10:12 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-04-25 19:20 - 2018-04-25 19:21 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-04-25 19:20 - 2018-04-25 19:21 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-04-25 19:20 - 2018-04-25 19:21 - 022320128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-04-25 19:20 - 2018-04-25 19:21 - 002603008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\skypert.dll
2018-04-25 19:20 - 2018-04-25 19:20 - 000657408 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-02-21 22:47 - 2018-02-21 22:51 - 027139072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
2018-02-21 22:47 - 2018-02-21 22:51 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-21 22:47 - 2018-02-21 22:48 - 006687744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 18:11 - 2017-09-26 18:11 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-05-04 14:04 - 2018-05-04 14:05 - 066466304 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 21:41 - 2017-10-04 21:42 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 004173312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-04-03 21:41 - 2018-04-03 21:41 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 015563776 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 004018176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-05-04 14:04 - 2018-05-04 14:04 - 003281920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 001386496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-02-01 19:50 - 2018-02-01 19:51 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-04 14:04 - 2018-05-04 14:04 - 000094208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 000878080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-04-03 21:41 - 2018-04-03 21:41 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 000165888 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\SKU.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 001114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 000227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 000107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-04-19 17:38 - 2013-04-19 17:38 - 000055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 000032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 000038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 000012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 000046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 10:48 - 2013-10-22 10:48 - 000707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 000102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 000077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 005717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 20:49 - 2013-10-25 20:49 - 000028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 000017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 000012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 000117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 000134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 004671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 001033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2018-08-22 22:19 - 2018-08-22 22:19 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 19:55 - 2017-11-30 19:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-12-26 12:19 - 2016-09-12 15:53 - 048936448 _____ () C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2011-08-26 04:53 - 2007-12-31 19:27 - 000007168 _____ () C:\Windows\jmesoft\VistaVolume.dll
2011-08-26 04:53 - 2009-07-16 18:20 - 000032768 _____ () C:\Windows\jmesoft\Keyhook.dll
2018-03-06 21:51 - 2018-03-06 21:51 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-30 21:26 - 2018-08-30 21:26 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-09-08 17:53 - 000000841 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\Control Panel\Desktop\\Wallpaper -> c:\users\dadejs\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{18526843-177e-4a81-85cd-a3833314cb3a}.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dadejs^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "4-Day Forecast"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "SilentCleanService"
HKLM\...\StartupApproved\Run32: => "Syncios device service"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "Xvid"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "MusicManager"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{94B63C3D-56FF-46D2-B23F-E6758BD7CF54}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{2CC54076-0DF7-4D4A-8770-75317D98D15C}] => (Block) LPort=445
FirewallRules: [{5B739F43-D640-4782-A531-A9A0E87AA578}] => (Block) LPort=445
FirewallRules: [{3629AF0D-208E-4B4F-8D6A-F3DBB93316AA}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{9AEDD161-6021-4600-80B3-3A6DE1736ED0}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{CC1DB046-C693-4323-8027-6E2D28884A99}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{40A93ED6-CD66-4D2E-BCF9-86F3AAB82875}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{2956244A-89FB-4613-B725-F4163AD1C84B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{B918DA71-8E00-4B8C-B442-0BFD9721B454}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{F7F46F98-BA98-46B1-A9D0-48C5E2FA7D76}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{3B05F1C6-89E0-496C-ADE0-965419F64806}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{747144FD-8137-4300-A6C4-58C8C38C24D9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{1EBB9612-FAFC-42AE-AE8D-DB0047E71013}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{992DCC29-FEA4-4B8B-9C2C-230771E0885F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{47C2160D-29FB-4AE8-B339-D3A7FA0AFB6F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8BE277F1-0A3E-44A7-AF37-8E6BD50B5A02}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A49025E5-2EC0-4FBD-92B9-ADE76046BAE0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B227E27F-E712-4381-BEEB-A051ED6DA06B}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{2D946EDB-54AD-4107-9068-843DE618CB6B}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [TCP Query User{9AAE79E7-D990-4A1D-8A98-BA41F9C12632}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{893392A2-BEC2-4CEB-A889-54DAFDD2C25D}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [TCP Query User{EAD0ADCD-D25E-487A-9A6C-8E61DF8BE7BD}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{1E9F609E-8763-48AE-9F21-29738DF399FE}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{070DAD3D-4907-47A5-BB9D-643509015AF1}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{5EA36752-3AFD-48A7-BE0D-DEE0033F7086}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{D91041FF-7A22-4BB5-8791-28A9ADB0EDBA}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [UDP Query User{CAEA970C-52C2-4546-86B9-C32B07D48FCF}C:\program files (x86)\java\jre7\launch4j-tmp\stanza.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\stanza.exe
FirewallRules: [TCP Query User{E45ACE82-4459-426E-AB4F-54B7515A6B32}C:\program files (x86)\java\jre7\launch4j-tmp\stanza.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\stanza.exe
FirewallRules: [{C214A1EB-E328-400B-A70D-9EABF761517B}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{7847847B-B279-4FF3-8AB3-45521E941F95}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{446C6228-9A45-4655-8D3A-833AC0947E0A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{3DE64D11-2DA3-444D-AE0C-CCB90FF9A27B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A8958102-15AA-49A6-AD7E-772E590EEF65}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{973E749D-1036-406E-A8C9-825B78EE3483}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{3726EC98-6D8B-4D0F-96BA-6EE534372A60}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{F6F22B3F-29D3-4864-9338-610C0E718063}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{9BD6D0A8-E84A-4E02-90BF-7BAC3A055F66}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{07C9ACF5-B835-48CA-BAB9-77716752CA12}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{8AAB3435-963F-4172-89C4-75FF70B02052}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{0F33D7ED-BD50-4A2D-9B70-523FC8C59E57}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{66C91513-FDBF-4876-8A76-2062FE1A1138}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{E4954D3E-BD8A-44E7-8655-A2F12D135C04}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{5F05BFD0-CAA2-4304-841B-A0316A822177}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{4E05BB09-D748-4334-8178-CFAF9D354A71}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{9DDD580B-F256-4D8C-8817-2128C4C3560A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{5C5BB4D4-D015-4483-B092-B09461D586FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{8FDF9938-8E1E-4811-89F9-45A520E52F4C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F61C3639-889E-4AC2-A408-B1F7F94593DD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{3A936732-EED7-4258-873A-AE195DCB1D59}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{1A7CA04F-F1D5-465B-A6C9-FBF76E9D9441}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{A0C8E11A-D2D7-4ED5-9315-096E0B8E8B1F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{4E0732F2-9A36-4FE5-9CA7-72313465E265}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{2BDF116A-7D5D-408F-BA4A-5A11EBF268B2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{4C311ABF-CE7E-48C2-9D40-91D3081F5BAB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{22697577-E94E-479A-AFCD-5C2089688468}] => (Allow) LPort=1900
FirewallRules: [{185E6DC2-FD37-428E-AF76-4896D7051857}] => (Allow) LPort=2869
FirewallRules: [{1858720A-EB2E-4E5F-8938-F23E09FD5FE9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{25A7F5F6-A463-45CE-806B-108C65CF523D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0B148664-7CFA-4CE0-95A2-7E36F89C9CFD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6BD42562-D389-4E31-A025-16CD8390091C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{9E39E3D9-464E-4500-A20D-BB933683DB8C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{D26A0F3D-750F-43F0-A8DE-A044E9F8AE6C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{D8C76E42-98D3-4541-8700-3FBC9BBCE65C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{17BA9807-3142-4EB2-A2FA-004F38E8EE48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1CA9DF1B-A411-48EF-943B-7A9ED3AFF0DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4FDD9710-C777-4113-8C63-0AC1465448F0}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{9D29EBAB-2BAC-41B1-B9EE-712734299C69}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{5A687A0E-0325-46C5-A28B-A0EA6FB241A5}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{20630BCB-D823-44CE-8341-83B86FC48B0C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{2D3DEAE6-E559-4CCC-B89D-7E0C3808DE1B}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{5159B634-0FE8-442C-B401-236483DBBFBF}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{16D33B58-0AC0-463A-9C53-79C4F0A8A3F3}] => (Allow) LPort=8743
FirewallRules: [{49D693E6-7F9D-4B15-82F0-280B1AAF9F64}] => (Allow) LPort=8643
FirewallRules: [{3E97FBAB-354B-4055-8E3B-48ED7BEAA8D0}] => (Allow) LPort=7676
FirewallRules: [{448B31A5-832A-4384-8E74-84548840D218}] => (Allow) LPort=7679
FirewallRules: [{AFA4C3DD-03DD-419A-A50A-83E8E4432AE8}] => (Allow) LPort=24234
FirewallRules: [{CB8925F3-ED06-4095-9671-E61D83E151D9}] => (Allow) LPort=7900
FirewallRules: [{3E71F29D-759D-48EE-BDD6-CEF95840554B}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{796E47AC-D54D-4044-B0D0-BF1F25285ACC}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [UDP Query User{9C08FE44-7DDB-4FE2-B4D8-66ED32EF20AC}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [TCP Query User{E54C8FAC-F19C-4C8F-AFEC-78A787AF427A}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [UDP Query User{5E37C9FE-8625-4891-AD4A-5A9E6344D680}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [{605DFFBA-BBF8-444E-ACE3-AB99EA969009}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe
FirewallRules: [{E5D46203-855E-4FB1-BD8A-BA35B014440A}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
FirewallRules: [{5F811C56-827D-4940-9A18-9C97ADBAD18C}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe
FirewallRules: [{3DF89353-2003-4195-A870-CBDC59BEB778}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E46EAA5A-4834-47C1-83D1-FC623F614FC8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{82B06561-494C-4037-B6DB-42ADD4C151DC}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{FD85321F-EF2C-4590-9509-827AB4957FD7}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{5202FA11-A76D-4E28-9363-3D48C34BA99B}] => (Allow) C:\Program Files (x86)\Steam2\Steam.exe
FirewallRules: [{6FDFC3F4-7CFF-4A01-8E8F-C65F9861012C}] => (Allow) C:\Program Files (x86)\Steam2\Steam.exe
FirewallRules: [{9861667C-1514-442D-B5A9-D85767A0678E}] => (Allow) C:\Program Files (x86)\Steam2\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe
FirewallRules: [{606D1B79-390C-459B-84ED-BB732577B197}] => (Allow) C:\Program Files (x86)\Steam2\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe
FirewallRules: [{D7DAB859-6502-47D7-9900-78592473512F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
FirewallRules: [{2AD10340-25A5-48B7-8D5A-A8A4E24D4433}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
FirewallRules: [{3014C018-6507-490D-90CD-87EEC2874141}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe
FirewallRules: [{85A0D3E2-A811-4F32-A841-ED3710BA6D48}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DBDownloader.exe
FirewallRules: [{AAC4F948-6657-441E-B6DC-2B41CB7B9C44}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe
FirewallRules: [{1F5172BB-42D1-44D6-B9C8-59AB5332FFDB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.5.1\AutoUpdate.exe
FirewallRules: [{3A181F1F-4E67-4642-8ACC-5B4C0614CB5D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{7AA08D20-DDF8-4731-AF6C-4845F1FCAAEF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3E9CD21C-0C33-48D7-9620-5715259C0565}] => (Allow) C:\Program Files (x86)\Steam2\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{BC5B9A7C-D35E-4CAD-9198-675445A5C39B}] => (Allow) C:\Program Files (x86)\Steam2\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{178325A7-1F81-47B1-BA49-190CA80FB894}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A4552A73-463F-44D5-AE34-BC3210811082}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6FA80AF6-0804-4FFD-8CCC-454348C9A904}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{765E16EE-7D1C-46D6-B9AC-B39A3777E337}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B0150FD5-36F9-4AFC-99E1-08781E49F459}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{7232C232-E52B-4317-868E-ED20F552588E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8A18EDF7-6969-485B-B27C-4BDCD0DBC764}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{20830F9C-AFD9-46ED-A0D5-81ACE4BD6041}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

25-07-2018 18:14:56 Nainstalováno: Microsoft Visual C++ 2005 Redistributable
28-07-2018 19:45:11 Removed Arx Fatalis
28-07-2018 21:35:15 Driver Booster : Realtek USB 2.0 Card Reader
25-09-2018 22:44:09 Installed NHL® 09

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/03/2018 06:46:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-09T16:46:16Z. Kód chyby: 0x80070005

Error: (10/03/2018 06:45:46 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-09T16:45:46Z. Kód chyby: 0x80070005

Error: (10/03/2018 06:45:16 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-09T16:45:15Z. Kód chyby: 0x80070005

Error: (10/03/2018 06:44:45 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-09T16:44:45Z. Kód chyby: 0x80070005

Error: (10/03/2018 06:44:15 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-09T16:44:15Z. Kód chyby: 0x80070005

Error: (10/03/2018 06:43:45 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-09T16:43:45Z. Kód chyby: 0x80070005

Error: (10/03/2018 06:43:15 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-09T16:43:15Z. Kód chyby: 0x80070005

Error: (10/03/2018 06:42:45 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-09T16:42:45Z. Kód chyby: 0x80070005


System errors:
=============
Error: (10/03/2018 05:33:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (10/03/2018 05:31:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba HP Network Devices Support přestala během spouštění reagovat.

Error: (10/03/2018 05:29:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswbIDSAgent neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/03/2018 05:29:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby aswbIDSAgent bylo dosaženo časového limitu (30000 ms).

Error: (10/03/2018 05:27:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/03/2018 05:27:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/03/2018 05:27:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/03/2018 05:27:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-10-01 21:52:13.745
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.277.413.0, AS: 1.277.413.0, NIS: 1.277.413.0
Verze modulu: AM: 1.1.15300.6, NIS: 1.1.15300.6

Date: 2018-10-01 21:50:57.774
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.277.413.0, AS: 1.277.413.0, NIS: 1.277.413.0
Verze modulu: AM: 1.1.15300.6, NIS: 1.1.15300.6

Date: 2018-10-01 21:40:55.775
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.275.948.0, AS: 1.275.948.0, NIS: 1.275.948.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

Date: 2018-10-01 21:39:37.306
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.275.948.0, AS: 1.275.948.0, NIS: 1.275.948.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

Date: 2018-09-11 21:59:22.699
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Verze podpisu: AV: 1.275.948.0, AS: 1.275.948.0, NIS: 1.275.948.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

Date: 2018-04-09 20:49:35.541
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-04-09 20:49:34.758
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte zařízení.

Date: 2018-03-08 21:38:27.736
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.263.332.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14600.4
Kód chyby: 0x80240016
Popis chyby ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2018-03-03 16:27:55.268
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2018-01-21 17:09:57.552
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

CodeIntegrity:
===================================

Date: 2018-10-03 17:29:12.338
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-03 17:29:06.408
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-03 17:28:38.540
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-03 17:28:37.871
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-03 17:04:50.113
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-02 17:43:29.927
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-02 17:42:47.849
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-02 17:42:47.054
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 67%
Total physical RAM: 4078.38 MB
Available physical RAM: 1329.13 MB
Total Virtual: 8174.38 MB
Available Virtual: 5018.17 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:440.15 GB) (Free:92.39 GB) NTFS
Drive e: (TR2) (CDROM) (Total:0.23 GB) (Free:0 GB) CDFS

\\?\Volume{6266a7ac-cf8d-11e0-82c4-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{0b2de10c-0000-0000-0000-f00f6e000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0B2DE10C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=440.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=25.1 GB) - (Type=12)

==================== End of Addition.txt ============================

Skus este odinstalovat vsetky programy od IObit (Driver Booster, Advanced SystemCare, atd) - su to cinske smejdy, ktore mozu poskodit system.

Nasledne vloz nove logy z FRST.

OK, našel jsem jen ten Driver Boooster, jinak už nic.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.10.2018
Ran by Dadejs (administrator) on DADEJS-PC (04-10-2018 22:34:30)
Running from C:\Users\Dadejs\Desktop
Loaded Profiles: Dadejs & DefaultAppPool (Available Profiles: Dadejs & DefaultAppPool)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\jmesoft\Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Samsung) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\MsMpEng.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\SAMSUNG\Samsung Link\Samsung Link.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\SAMSUNG\Samsung Link\Samsung Link Tray Agent.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11543656 2010-10-26] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [615144 2016-03-09] (Samsung Electronics Co.,Ltd)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-30] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc.)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe [118784 2011-03-21] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-16] ()
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [265216 2010-09-09] (Lenovo)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe [285696 2010-10-08] (Lenovo)
HKLM-x32\...\Run: [4-Day Forecast] => C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe [1060864 2008-11-10] ()
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\RAPTRS~1.EXE [56080 2015-10-01] (Raptr, Inc)
HKLM-x32\...\Run: [SilentCleanService] => C:\Program Files (x86)\iMobie\PhoneClean\SilentCleanServer.exe [488936 2018-01-04] (iMobie Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [2174072 2018-02-27] ()
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [Google Update] => C:\Users\Dadejs\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-17] (Google Inc.)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [MusicManager] => C:\Users\Dadejs\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [5968896 2018-01-30] (Google Inc.)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Dadejs\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [5263040 2018-02-16] (Disc Soft Ltd)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam2\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2017-12-26]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{2faf1ea1-f0a0-4770-9457-da6c90906265}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{32e90e6b-2749-4fe6-b287-ffdfbc08fe80}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2026504303-3394863346-1200617100-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-09-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-25] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-15] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-15] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 6iacqo6s.default-1402684941049-1528641835316
FF ProfilePath: C:\Users\Dadejs\AppData\Roaming\Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316 [2018-10-04]
FF Homepage: Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316 -> hxxps://www.centrum.cz/
FF Extension: (Avast Online Security) - C:\Users\Dadejs\AppData\Roaming\Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316\Extensions\wrc@avast.com.xpi [2018-06-25]
FF Extension: (Video DownloadHelper) - C:\Users\Dadejs\AppData\Roaming\Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-01]
FF Extension: (Firefox Monitor) - C:\Users\Dadejs\AppData\Roaming\Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316\features\{1afbbd21-f211-448e-a7b2-9792cf154f6e}\fxmonitor@mozilla.org.xpi [2018-10-03]
FF Extension: (Telemetry coverage) - C:\Users\Dadejs\AppData\Roaming\Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316\features\{1afbbd21-f211-448e-a7b2-9792cf154f6e}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-03] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-11-19] [Legacy] [not signed]
FF HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-12] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2011-10-17] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin HKU\S-1-5-21-2026504303-3394863346-1200617100-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Dadejs\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2026504303-3394863346-1200617100-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Dadejs\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2026504303-3394863346-1200617100-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dadejs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default [2018-10-04]
CHR Extension: (Prezentace) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-15]
CHR Extension: (Dokumenty) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-15]
CHR Extension: (Disk Google) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-15]
CHR Extension: (YouTube) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-15]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-20]
CHR Extension: (Tabulky) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-15]
CHR Extension: (Avast Online Security) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-15]
CHR Extension: (Gmail) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-15]
CHR Extension: (Chrome Media Router) - C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-30] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-06] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-30] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-06] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-08-30] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [7649576 2018-03-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-02-16] (Disc Soft Ltd)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2018-04-17] (Foxit Software Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [505856 2017-02-27] (Intel Corporation) [File not signed]
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-16] () [File not signed]
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [271128 2017-06-09] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [623848 2016-03-09] (Samsung Electronics Co.,Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-10-01] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-10-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [199712 2018-08-30] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384 2018-08-30] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201320 2018-08-30] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-30] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59568 2018-08-30] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-25] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249016 2018-08-30] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163272 2018-08-30] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111864 2018-08-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87904 2018-08-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-08-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467232 2018-08-30] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214800 2018-08-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381560 2018-08-30] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2017-04-23] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2018-07-28] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-02-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-02-25] (Disc Soft Ltd)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [472016 2017-06-02] (Intel Corporation)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed]
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-04-23] (REALiX(tm))
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [259360 2018-10-03] (Malwarebytes)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [424384 2018-04-15] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-10-01] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [352424 2018-10-01] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-10-01] (Microsoft Corporation)
R0 WinI2C-DDC; C:\WINDOWS\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-23] (Nicomsoft Ltd.)
S1 hsemclvc; \??\C:\WINDOWS\system32\drivers\hsemclvc.sys [X]
S1 MpKslb397354c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AFFE26B0-0FC1-486A-A0AB-24B73D09A774}\MpKslb397354c.sys [X]
S1 odtkleju; \??\C:\WINDOWS\system32\drivers\odtkleju.sys [X]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-03 18:44 - 2018-10-03 18:46 - 000091714 _____ C:\Users\Dadejs\Desktop\Addition.txt
2018-10-03 18:40 - 2018-10-04 22:38 - 000029509 _____ C:\Users\Dadejs\Desktop\FRST.txt
2018-10-03 18:39 - 2018-10-04 22:34 - 000000000 ____D C:\Users\Dadejs\Desktop\FRST-OlderVersion
2018-10-03 18:34 - 2018-10-04 22:33 - 002414080 _____ (Farbar) C:\Users\Dadejs\Desktop\FRST64.exe
2018-10-03 17:25 - 2018-10-03 21:49 - 000002410 _____ C:\WINDOWS\System32\Tasks\AdwCleaner_onReboot
2018-10-03 17:18 - 2018-10-03 17:18 - 007592144 _____ (Malwarebytes) C:\Users\Dadejs\Desktop\adwcleaner_7.2.4.0.exe
2018-10-02 18:22 - 2018-10-02 18:22 - 001222144 _____ C:\Users\Dadejs\Desktop\RSITx64.exe
2018-09-30 12:55 - 2018-09-30 12:55 - 000000000 ____D C:\Users\Dadejs\AppData\Local\mbam
2018-09-30 11:00 - 2018-10-02 17:41 - 000000504 _____ C:\WINDOWS\Tasks\Avast Driver Updater Startup.job
2018-09-30 11:00 - 2018-09-30 11:00 - 000003004 _____ C:\WINDOWS\System32\Tasks\Avast Driver Updater Startup
2018-09-30 10:59 - 2018-09-30 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater
2018-09-30 10:59 - 2018-09-30 10:59 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater
2018-09-26 17:24 - 2018-09-26 21:50 - 000000000 ____D C:\Users\Dadejs\Documents\NHL09
2018-09-26 17:23 - 2018-09-26 17:23 - 000002034 _____ C:\WINDOWS\SysWOW64\ealregsnapshot1.reg
2018-09-26 17:22 - 2018-09-26 17:22 - 000001776 _____ C:\Users\Public\Desktop\NHL® 09.lnk
2018-09-26 17:19 - 2018-09-26 17:19 - 000000000 ____D C:\Program Files (x86)\EA Sports
2018-09-21 22:12 - 2018-09-21 22:12 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-09-21 22:12 - 2018-09-21 22:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-09-21 22:11 - 2018-09-21 22:11 - 000000000 ____D C:\Program Files\iPod
2018-09-21 22:08 - 2018-09-21 22:11 - 000000000 ____D C:\Program Files\iTunes
2018-09-15 22:35 - 2018-09-15 22:35 - 000002261 _____ C:\Users\Dadejs\Desktop\Google Chrome (2).lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-09-15 20:12 - 2018-09-15 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-09-14 22:45 - 2018-09-14 22:45 - 000001559 _____ C:\Users\Dadejs\Desktop\Extraliga 2018-19.xlsx – zástupce.lnk
2018-09-12 22:16 - 2018-09-12 22:18 - 000000000 ____D C:\Users\Dadejs\AppData\Local\Adobe
2018-09-11 19:09 - 2018-09-11 19:09 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-09-07 22:55 - 2018-10-03 17:27 - 000259360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-04 22:34 - 2017-11-18 20:52 - 000000000 ____D C:\FRST
2018-10-04 22:32 - 2016-11-19 09:22 - 000000000 ____D C:\Users\Dadejs\AppData\LocalLow\Mozilla
2018-10-04 22:26 - 2018-07-28 21:34 - 000000000 ____D C:\ProgramData\ProductData
2018-10-04 22:11 - 2017-12-16 17:27 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-10-04 22:11 - 2017-12-16 17:27 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-10-04 21:40 - 2017-12-16 16:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-04 17:49 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-10-04 17:40 - 2018-04-15 11:00 - 000000000 ___RD C:\Users\Dadejs\iCloudDrive
2018-10-04 17:39 - 2018-07-25 18:51 - 000000000 ____D C:\Users\Dadejs\AppData\Local\AVAST Software
2018-10-03 21:49 - 2017-12-16 17:27 - 000003048 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-10-03 18:37 - 2017-04-22 12:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-03 18:37 - 2013-08-17 19:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-03 18:37 - 2012-11-23 23:48 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-03 17:28 - 2011-08-26 05:10 - 000260725 _____ C:\WINDOWS\system32\fastboot.set
2018-10-03 17:27 - 2017-12-16 17:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-03 17:26 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-02 18:24 - 2012-12-21 19:42 - 000000000 ____D C:\Program Files\trend micro
2018-10-02 18:12 - 2018-06-26 23:07 - 000000000 ____D C:\Users\Dadejs\AppData\Local\CrashDumps
2018-10-02 18:12 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-10-02 18:10 - 2015-12-19 14:46 - 000000000 ____D C:\Program Files\CCleaner
2018-10-02 18:09 - 2015-12-19 14:46 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-10-01 21:48 - 2018-03-03 17:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-10-01 21:36 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-09-26 21:46 - 2011-11-19 17:35 - 000000000 ____D C:\Users\Dadejs\Documents\Moto
2018-09-26 17:57 - 2018-07-25 17:49 - 000000000 ____D C:\Program Files (x86)\Steam2
2018-09-26 17:23 - 2015-08-06 21:36 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-09-26 17:22 - 2011-11-19 20:19 - 000000000 ____D C:\Users\Dadejs\AppData\Local\Downloaded Installations
2018-09-26 16:44 - 2017-05-13 20:12 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2018-09-23 14:37 - 2017-12-16 16:59 - 000000000 ____D C:\Users\DefaultAppPool
2018-09-21 19:59 - 2018-06-01 22:19 - 000000000 ____D C:\Users\Dadejs\AppData\Roaming\Media Player Classic
2018-09-21 19:59 - 2018-02-25 12:15 - 000000000 ____D C:\Users\Dadejs\AppData\Roaming\DAEMON Tools Lite
2018-09-21 19:58 - 2017-12-25 09:51 - 000000000 ____D C:\WINDOWS\Minidump
2018-09-20 18:01 - 2016-08-15 18:47 - 000000000 ____D C:\Users\Dadejs\Documents\tata
2018-09-19 22:16 - 2018-04-06 17:26 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-09-19 22:00 - 2012-09-16 09:18 - 000000000 ____D C:\Users\Dadejs\Documents\comics
2018-09-18 22:00 - 2014-11-27 08:37 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-15 20:16 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-15 20:10 - 2011-11-19 17:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-09-12 22:17 - 2018-03-14 19:11 - 000004646 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-12 22:17 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-09-12 22:17 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-09-08 22:41 - 2017-12-16 16:59 - 000000000 ____D C:\Users\Dadejs
2018-09-07 22:53 - 2018-04-05 21:24 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-09-05 21:40 - 2013-12-27 08:51 - 000000000 ____D C:\Users\Dadejs\Documents\Film

==================== Files in the root of some directories =======

2018-02-28 23:33 - 2018-04-10 21:59 - 000004096 ____H () C:\Users\Dadejs\AppData\Local\keyfile3.drm
2017-09-06 22:15 - 2017-09-06 22:15 - 000002288 _____ () C:\Users\Dadejs\AppData\Local\recently-used.xbel
2014-05-17 21:09 - 2014-11-04 22:18 - 000007610 _____ () C:\Users\Dadejs\AppData\Local\Resmon.ResmonCfg
2012-04-21 10:51 - 2012-04-21 10:52 - 000000210 _____ () C:\Users\Dadejs\AppData\Local\SRDownloader.err
2012-04-21 10:50 - 2012-04-21 10:53 - 000001528 _____ () C:\Users\Dadejs\AppData\Local\SRDownloader.nast

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-12 20:10

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.10.2018
Ran by Dadejs (04-10-2018 22:39:58)
Running from C:\Users\Dadejs\Desktop
Windows 10 Home Version 1709 16299.431 (X64) (2017-12-16 15:29:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2026504303-3394863346-1200617100-500 - Administrator - Disabled)
Dadejs (S-1-5-21-2026504303-3394863346-1200617100-1001 - Administrator - Enabled) => C:\Users\Dadejs
DefaultAccount (S-1-5-21-2026504303-3394863346-1200617100-503 - Limited - Disabled)
Guest (S-1-5-21-2026504303-3394863346-1200617100-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2026504303-3394863346-1200617100-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1483, 27.02.2015 - AIMP DevTeam)
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 17.3.4228 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{984D8789-07A6-4CD8-9766-35408C67395D}) (Version: 2.4.0 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.4.0 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.0.792.81 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
ComicRack v0.9.177 (HKLM\...\ComicRack) (Version: v0.9.177 - cYo Soft)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.1.0342 - Disc Soft Ltd)
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.2.4 - CEWE Stiftung u Co. KGaA)
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Foxit PhantomPDF Standard (HKLM-x32\...\{002C7EBB-F986-4C33-AD1A-9A1570F2FBBE}) (Version: 7.2.0.722 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.1.0.5096 - Foxit Software Inc.)
GonVisor 2.51.04 (HKLM-x32\...\GonVisor_is1) (Version: - GON)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Harry Potter (HKLM-x32\...\{3F50AF3B-8997-4916-0095-99D63DDB785A}) (Version: - )
Harry Potter CZ (HKLM-x32\...\Harry Potter CZ) (Version: - )
Harry Potter II (HKLM-x32\...\{7BF68B83-5057-4D4B-0093-28285EEB9EE3}) (Version: - )
Harry Potter(TM) a vězeň z Azkabanu (HKLM-x32\...\{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}) (Version: - )
HF Designer 5.2 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.)
iMyfone Umate 3.5.0.0 (HKLM-x32\...\{5284F901-9F62-4462-A0E6-2E4373A64454}_is1) (Version: 3.5.0.0 - Shenzhen iMyfone Technology Co., Ltd.)
Intel(R) Network Connections 22.1.104.0 (HKLM\...\PROSetDX) (Version: 22.1.104.0 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{9F1EE6A3-7BDE-48CC-BC81-1EA3D21D94E3}) (Version: 12.9.0.167 - Apple Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Johanka z Arku (HKLM-x32\...\{F2AFB780-FF87-4E4B-8097-451152CDD321}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
Lenovo Solution Center (HKLM\...\{06913C0C-88EB-42AF-9D94-3E9136CEE9BC}) (Version: 3.6.002.003 - Lenovo)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Medvěd Míša - Cesta kolem světa (HKLM-x32\...\Medvěd Míša - Cesta kolem světa) (Version: - )
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 62.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.3 (x64 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0a1 - Mozilla)
Music Manager (HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\MusicManager) (Version: - Google, Inc.)
NHL® 09 (HKLM-x32\...\{F2B5A2A7-2DF9-4361-8BD5-362714528B51}) (Version: 2.0.1.0 - Electronic Arts)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PhoneClean (HKLM-x32\...\PhoneClean) (Version: 5.1.1.0 - iMobie Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Pokémon Trading Card Game Online (HKLM-x32\...\{81A5C6E9-AF9A-4EF9-B3C4-F9001D59800B}) (Version: 2.25.0 - The Pokémon Company International)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.8.2500 - Jan Fiala)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6230 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Seznam Software (HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\SeznamInstall) (Version: - Seznam.cz)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Slovník Verdict Free (a internetový překladač) (HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Verdict Free) (Version: - )
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
SPCA1628 PC Driver (HKLM-x32\...\{5F1C7F21-AB33-4362-BCEE-6E0FD1EDC6D8}) (Version: 1.2.1.0 - Icatch)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sweet Home 3D version 4.6 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
Syncios 6.3.3 (HKLM-x32\...\Syncios) (Version: 6.3.3 - Anvsoft)
Tomb Raider II (HKLM-x32\...\Tomb Raider II) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VobSub 2.23 (HKLM-x32\...\VobSub) (Version: 2.23 - Gabest)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2026504303-3394863346-1200617100-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Dadejs\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2026504303-3394863346-1200617100-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Dadejs\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2026504303-3394863346-1200617100-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-07-10] (Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-02-16] (Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-02-16] (Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-30] (AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {014B00E9-0FC2-4C75-BEB8-43876596CEC3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {07744BA4-96B1-4F11-8DCE-5FD63803FAFE} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2017-06-09] (Lenovo)
Task: {0A86DDF4-6781-4197-AC2B-83D4E0DCD137} - System32\Tasks\{E514DE3A-4FCA-467E-941A-18C7F5CB3A41} => C:\windows\system32\pcalua.exe -a C:\Users\Dadejs\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=obw
Task: {0B0B287C-CEF0-40F9-8575-F88C2C452C6F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0C57EBB9-7E46-4793-95A7-65F4CA0863BE} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {13CB64C3-5AAB-4364-B971-DAD06345D588} - System32\Tasks\{CA57B439-FA24-4A52-BBD1-CE08A387C814} => C:\windows\system32\pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {1797599F-5E83-4726-9072-597EE8009E7A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {188DC2B1-C853-4CC2-9595-51C3DD5E79E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-15] (Microsoft Corporation)
Task: {1956A466-0499-4615-82AB-273C27CDE05D} - System32\Tasks\{44B4B797-88CB-44D2-BBD7-94D8305AD30D} => C:\GOG Games\Fallout\falloutw.exe
Task: {1A03F2AF-5250-4B79-8D91-E91013682100} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-01] (Microsoft Corporation)
Task: {1B52CAA3-D13E-4A67-B865-4725666DF5C2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B82E762-6D0B-4E55-B6D1-068856B84159} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-30] (AVAST Software)
Task: {1C33348C-12FE-48B4-86C6-A126412224FB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2026504303-3394863346-1200617100-1001Core => C:\Users\Dadejs\AppData\Local\Google\Update\GoogleUpdate.exe [2016-11-27] (Google Inc.)
Task: {1FF983FD-4654-4E88-80D3-B6B38D5D935A} - System32\Tasks\{878F13FE-1C23-497E-BAAC-B6E844415B90} => C:\windows\system32\pcalua.exe -a C:\Users\Dadejs\Documents\Downloads\Codecs6030_allin1.exe -d C:\Users\Dadejs\Documents\Downloads
Task: {28C779DC-016D-43AF-8D67-27474A3D5179} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {2A0EE3BC-C873-4413-9161-31F1CCDF26EC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {33DCD19E-2FB8-4EBD-9A2D-68C3E4296CAF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd)
Task: {3502E266-2B0B-4E9C-A9EE-8C490266F114} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {40C0FA96-0B2E-429A-8774-86F1C1D170B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4BE3DCD3-68D1-4482-A5D2-9A70D08D3758} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-01] (Microsoft Corporation)
Task: {4C1AF2EE-62A9-4754-880A-863DB5E84141} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {4D03A5CE-4403-46B4-8E03-B54B96B56A15} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-15] (Microsoft Corporation)
Task: {51AE2A5F-DAC4-4447-BC98-B1567A14AEA7} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {5447DC40-E9C3-459D-A08E-ECA330D00247} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {558CA25D-D156-4FB1-8DCE-1D0C476C16CD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {5AEADF20-E6D4-4C6C-AB5D-A3846B50678A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-01] (Microsoft Corporation)
Task: {5E5A974C-3BA8-49B9-9E85-436CA06368A2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2026504303-3394863346-1200617100-1001UA => C:\Users\Dadejs\AppData\Local\Google\Update\GoogleUpdate.exe [2016-11-27] (Google Inc.)
Task: {6B6E444D-B4DF-4B56-B2B3-87356F18890F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6C669153-A7D2-46DE-9B66-9423A411CD6B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {73633DA9-E7C4-4ABC-9B1A-175F39DEB066} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-15] (Microsoft Corporation)
Task: {750A1186-5E17-46C4-8B71-BEEB1885DAF0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {77E7D077-DE5B-4F65-9832-94BB208B03D0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {78CEE009-1655-46C0-AE54-5A543B5B0160} - System32\Tasks\{4A6B67A3-0270-43C5-9400-9DB166E1309D} => C:\windows\system32\pcalua.exe -a C:\Users\Dadejs\Documents\Downloads\iview438_setup.exe -d C:\Users\Dadejs\Documents\Downloads
Task: {7BB64BC3-3150-4D75-9DAD-4B1AE2D293E6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {7CF077A1-BFF1-4030-B7D7-A8811F0FCBF3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {80186BE4-ECC0-4BB8-AC94-BCE8D359C22B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {82D96A23-59EB-4B6C-8F52-9994658C5C09} - System32\Tasks\{7F87A7A7-F6C9-441A-8FE1-F1887F4F4BD7} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\RegiStax 6\Uninstal.exe"
Task: {82FE984A-1B8F-4B21-8455-4EBE817A8DA3} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Dadejs\Desktop\adwcleaner_7.2.4.0.exe [2018-10-03] (Malwarebytes)
Task: {89E3FD2D-6A74-4EAA-AD62-AC6103CEA7E3} - System32\Tasks\Driver Booster SkipUAC (Dadejs) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
Task: {8D145074-E58C-4C36-A69C-10B2FF03EC04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {927CDE65-D7D6-4FD2-BAC8-9DEBCA3A78FA} - System32\Tasks\{72C7426E-7FBD-429F-84D3-96BAA652A4AE} => C:\windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {9483162D-1BD5-45EA-B080-CA6B125CC8B5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {97743A4B-CEA5-4B6E-B364-155A2EBEE1A0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B1EDAB93-1145-47DE-8155-870E418DA35B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B27B7120-2E20-40F2-A1FB-B7A34685549B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-09-15] (Microsoft Corporation)
Task: {B6AF02A7-D5E3-41D2-B353-8D0E16BBD60C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2017-06-09] ()
Task: {BA6E9187-0CF7-433F-91AD-55547E5D9342} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-01] (Microsoft Corporation)
Task: {BE2A0742-9AC2-4716-BBF2-D09EA9D30166} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BEBA772A-BBFA-4651-BBE0-94BC730E0319} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [2018-07-18] (AVAST Software)
Task: {C2C378A0-1A9E-4FE5-841D-DA99DDC05962} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C66C894F-A332-493B-97AB-FFC842E80657} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-09-15] (Microsoft Corporation)
Task: {C6D0E85B-9965-42F7-A983-4701E4AF5CBA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-05-12] (Microsoft Corporation)
Task: {C7F434F4-A0D2-4238-AB6B-F8B69C97F220} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {CF612478-EF47-43FD-9726-5ADCFDC0EC85} - System32\Tasks\{27D3FB9A-BF9A-4C67-B71D-8810AA7305DB} => C:\windows\system32\pcalua.exe -a "C:\Users\Dadejs\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" -c /initurl hxxp://bi.bisrv.com/:affid:/:sid:/:uid:? /affid uninstall /id uninstall /name "Bundled software uninstaller"
Task: {CFF4FFCD-96B8-4F9E-9AE8-7A46580BAEE0} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DA27B917-0C6B-4B5C-94FA-739B7A76DED0} - System32\Tasks\{BB6158F1-4053-4F3D-978B-40FC71283A3C} => C:\GOG Games\Fallout\falloutw.exe
Task: {DBD04159-3E48-44F2-A44E-3A95CA741E59} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E61E7209-A11F-4332-8AE6-075DD77E7EFB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E93A9508-4365-49FA-BA87-3450F78805D3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-08-31] (AVAST Software)
Task: {EB7ED247-3563-4777-AA6D-045AEB7F2290} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EB90F477-CA03-43BC-A3AD-ACA9A5B7BCBB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EBAAF2AB-C5B8-4D8D-A8BF-B2079EC87BB7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd)
Task: {ED15759A-A1B8-41E2-ACBE-46F44DBF8BD5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F6150514-5B22-4508-B23C-4C18B3D352A3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2017-06-09] (Lenovo)
Task: {F90469F5-8B6B-481A-AA39-B9BAA8B40EA2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-09-15] (Microsoft Corporation)
Task: {FF6E8F36-97D2-4654-BED3-D0974B598F98} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Dadejs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hudba Google Play.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi

==================== Loaded Modules (Whitelisted) ==============

2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-26 04:53 - 2011-03-16 05:47 - 000032768 _____ () C:\Windows\jmesoft\Service.exe
2015-11-08 18:14 - 2016-03-09 17:18 - 000025088 _____ () C:\Program Files\SAMSUNG\Samsung Link\JniSys.dll
2015-11-08 18:14 - 2016-03-09 17:18 - 002513920 _____ () C:\Program Files\SAMSUNG\Samsung Link\scone_proxy.dll
2015-11-08 18:14 - 2016-03-09 17:18 - 002436096 _____ () C:\Program Files\SAMSUNG\Samsung Link\scone_stub.dll
2013-12-21 12:25 - 2013-12-21 12:25 - 000036864 _____ () C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 12:26 - 2013-12-21 12:26 - 000144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 000018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 000030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 000908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 000521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 000016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 000049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 000299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 000058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2018-05-13 20:38 - 2018-05-13 20:38 - 000669696 ____N () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2018-06-23 17:02 - 2018-09-07 22:53 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-03-14 20:31 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 20:32 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-25 19:20 - 2018-04-25 19:21 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-04-25 19:20 - 2018-04-25 19:21 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-04-25 19:20 - 2018-04-25 19:21 - 022320128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-04-25 19:20 - 2018-04-25 19:21 - 002603008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\skypert.dll
2018-04-25 19:20 - 2018-04-25 19:20 - 000657408 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 001304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2015-11-08 18:14 - 2016-03-09 17:18 - 000049664 _____ () C:\Program Files\SAMSUNG\Samsung Link\JniIO.dll
2011-08-26 04:53 - 2011-03-21 23:12 - 000020480 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2018-08-30 15:55 - 2018-08-30 15:55 - 000061408 _____ () C:\Program Files\CCleaner\branding.dll
2018-09-19 10:12 - 2018-09-19 10:12 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-02-21 22:47 - 2018-02-21 22:51 - 027139072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
2018-02-21 22:47 - 2018-02-21 22:51 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-21 22:47 - 2018-02-21 22:48 - 006687744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 18:11 - 2017-09-26 18:11 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-21 22:47 - 2018-02-21 22:51 - 009283072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\EntPlat.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-05-04 14:04 - 2018-05-04 14:05 - 066466304 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 21:41 - 2017-10-04 21:42 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 004173312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-04-03 21:41 - 2018-04-03 21:41 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 015563776 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 004018176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-05-04 14:04 - 2018-05-04 14:04 - 003281920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 001386496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-02-01 19:50 - 2018-02-01 19:51 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-04 14:04 - 2018-05-04 14:04 - 000094208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 000878080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-04-03 21:41 - 2018-04-03 21:41 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-05-04 14:04 - 2018-05-04 14:05 - 000165888 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\SKU.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 001114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 000227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 000107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-04-19 17:38 - 2013-04-19 17:38 - 000055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-10-24 17:53 - 2013-10-24 17:53 - 000032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 000038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 000012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 20:18 - 2013-07-23 20:18 - 000046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 10:48 - 2013-10-22 10:48 - 000707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 000102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-12-11 17:46 - 2013-12-11 17:46 - 000077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 005717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 20:49 - 2013-10-25 20:49 - 000028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 000017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 000012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 000117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 17:45 - 2013-12-11 17:45 - 000134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 004671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-10-25 20:53 - 2013-10-25 20:53 - 001033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 20:48 - 2013-10-25 20:48 - 000024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 20:42 - 2013-02-14 20:42 - 000044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2018-03-06 21:51 - 2018-03-06 21:51 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-30 21:26 - 2018-08-30 21:26 - 000575704 _____ () c:\program files\avast software\avast\streamback.dll
2018-08-22 22:19 - 2018-08-22 22:19 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 19:55 - 2017-11-30 19:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-12-26 12:19 - 2016-09-12 15:53 - 048936448 _____ () C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2011-08-26 04:53 - 2007-12-31 19:27 - 000007168 _____ () C:\Windows\jmesoft\VistaVolume.dll
2011-08-26 04:53 - 2009-07-16 18:20 - 000032768 _____ () C:\Windows\jmesoft\Keyhook.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-09-08 17:53 - 000000841 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\Control Panel\Desktop\\Wallpaper -> c:\users\dadejs\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{18526843-177e-4a81-85cd-a3833314cb3a}.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dadejs^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "4-Day Forecast"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "SilentCleanService"
HKLM\...\StartupApproved\Run32: => "Syncios device service"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "Xvid"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "MusicManager"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{94B63C3D-56FF-46D2-B23F-E6758BD7CF54}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{2CC54076-0DF7-4D4A-8770-75317D98D15C}] => (Block) LPort=445
FirewallRules: [{5B739F43-D640-4782-A531-A9A0E87AA578}] => (Block) LPort=445
FirewallRules: [{3629AF0D-208E-4B4F-8D6A-F3DBB93316AA}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{9AEDD161-6021-4600-80B3-3A6DE1736ED0}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{CC1DB046-C693-4323-8027-6E2D28884A99}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{40A93ED6-CD66-4D2E-BCF9-86F3AAB82875}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{2956244A-89FB-4613-B725-F4163AD1C84B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{B918DA71-8E00-4B8C-B442-0BFD9721B454}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{F7F46F98-BA98-46B1-A9D0-48C5E2FA7D76}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{3B05F1C6-89E0-496C-ADE0-965419F64806}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{747144FD-8137-4300-A6C4-58C8C38C24D9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{1EBB9612-FAFC-42AE-AE8D-DB0047E71013}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{992DCC29-FEA4-4B8B-9C2C-230771E0885F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{47C2160D-29FB-4AE8-B339-D3A7FA0AFB6F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8BE277F1-0A3E-44A7-AF37-8E6BD50B5A02}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A49025E5-2EC0-4FBD-92B9-ADE76046BAE0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B227E27F-E712-4381-BEEB-A051ED6DA06B}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{2D946EDB-54AD-4107-9068-843DE618CB6B}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [TCP Query User{9AAE79E7-D990-4A1D-8A98-BA41F9C12632}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{893392A2-BEC2-4CEB-A889-54DAFDD2C25D}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [TCP Query User{EAD0ADCD-D25E-487A-9A6C-8E61DF8BE7BD}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe
FirewallRules: [UDP Query User{1E9F609E-8763-48AE-9F21-29738DF399FE}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{070DAD3D-4907-47A5-BB9D-643509015AF1}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{5EA36752-3AFD-48A7-BE0D-DEE0033F7086}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{D91041FF-7A22-4BB5-8791-28A9ADB0EDBA}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [UDP Query User{CAEA970C-52C2-4546-86B9-C32B07D48FCF}C:\program files (x86)\java\jre7\launch4j-tmp\stanza.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\stanza.exe
FirewallRules: [TCP Query User{E45ACE82-4459-426E-AB4F-54B7515A6B32}C:\program files (x86)\java\jre7\launch4j-tmp\stanza.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\stanza.exe
FirewallRules: [{C214A1EB-E328-400B-A70D-9EABF761517B}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{7847847B-B279-4FF3-8AB3-45521E941F95}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{446C6228-9A45-4655-8D3A-833AC0947E0A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{3DE64D11-2DA3-444D-AE0C-CCB90FF9A27B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A8958102-15AA-49A6-AD7E-772E590EEF65}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{973E749D-1036-406E-A8C9-825B78EE3483}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{3726EC98-6D8B-4D0F-96BA-6EE534372A60}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{F6F22B3F-29D3-4864-9338-610C0E718063}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{9BD6D0A8-E84A-4E02-90BF-7BAC3A055F66}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{07C9ACF5-B835-48CA-BAB9-77716752CA12}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{8AAB3435-963F-4172-89C4-75FF70B02052}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{0F33D7ED-BD50-4A2D-9B70-523FC8C59E57}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{66C91513-FDBF-4876-8A76-2062FE1A1138}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{E4954D3E-BD8A-44E7-8655-A2F12D135C04}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{5F05BFD0-CAA2-4304-841B-A0316A822177}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{4E05BB09-D748-4334-8178-CFAF9D354A71}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{9DDD580B-F256-4D8C-8817-2128C4C3560A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{5C5BB4D4-D015-4483-B092-B09461D586FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{8FDF9938-8E1E-4811-89F9-45A520E52F4C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F61C3639-889E-4AC2-A408-B1F7F94593DD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{3A936732-EED7-4258-873A-AE195DCB1D59}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{1A7CA04F-F1D5-465B-A6C9-FBF76E9D9441}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{A0C8E11A-D2D7-4ED5-9315-096E0B8E8B1F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{4E0732F2-9A36-4FE5-9CA7-72313465E265}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{2BDF116A-7D5D-408F-BA4A-5A11EBF268B2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{4C311ABF-CE7E-48C2-9D40-91D3081F5BAB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{22697577-E94E-479A-AFCD-5C2089688468}] => (Allow) LPort=1900
FirewallRules: [{185E6DC2-FD37-428E-AF76-4896D7051857}] => (Allow) LPort=2869
FirewallRules: [{1858720A-EB2E-4E5F-8938-F23E09FD5FE9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{25A7F5F6-A463-45CE-806B-108C65CF523D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0B148664-7CFA-4CE0-95A2-7E36F89C9CFD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6BD42562-D389-4E31-A025-16CD8390091C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{9E39E3D9-464E-4500-A20D-BB933683DB8C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{D26A0F3D-750F-43F0-A8DE-A044E9F8AE6C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{D8C76E42-98D3-4541-8700-3FBC9BBCE65C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{17BA9807-3142-4EB2-A2FA-004F38E8EE48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1CA9DF1B-A411-48EF-943B-7A9ED3AFF0DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4FDD9710-C777-4113-8C63-0AC1465448F0}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{9D29EBAB-2BAC-41B1-B9EE-712734299C69}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{5A687A0E-0325-46C5-A28B-A0EA6FB241A5}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{20630BCB-D823-44CE-8341-83B86FC48B0C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{2D3DEAE6-E559-4CCC-B89D-7E0C3808DE1B}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{5159B634-0FE8-442C-B401-236483DBBFBF}] => (Allow) C:\Program Files\SAMSUNG\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{16D33B58-0AC0-463A-9C53-79C4F0A8A3F3}] => (Allow) LPort=8743
FirewallRules: [{49D693E6-7F9D-4B15-82F0-280B1AAF9F64}] => (Allow) LPort=8643
FirewallRules: [{3E97FBAB-354B-4055-8E3B-48ED7BEAA8D0}] => (Allow) LPort=7676
FirewallRules: [{448B31A5-832A-4384-8E74-84548840D218}] => (Allow) LPort=7679
FirewallRules: [{AFA4C3DD-03DD-419A-A50A-83E8E4432AE8}] => (Allow) LPort=24234
FirewallRules: [{CB8925F3-ED06-4095-9671-E61D83E151D9}] => (Allow) LPort=7900
FirewallRules: [{3E71F29D-759D-48EE-BDD6-CEF95840554B}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{796E47AC-D54D-4044-B0D0-BF1F25285ACC}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [UDP Query User{9C08FE44-7DDB-4FE2-B4D8-66ED32EF20AC}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [TCP Query User{E54C8FAC-F19C-4C8F-AFEC-78A787AF427A}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [UDP Query User{5E37C9FE-8625-4891-AD4A-5A9E6344D680}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [{605DFFBA-BBF8-444E-ACE3-AB99EA969009}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe
FirewallRules: [{E5D46203-855E-4FB1-BD8A-BA35B014440A}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
FirewallRules: [{5F811C56-827D-4940-9A18-9C97ADBAD18C}] => (Allow) C:\Program Files (x86)\Anvsoft\Syncios\pdt_syncios.exe
FirewallRules: [{3DF89353-2003-4195-A870-CBDC59BEB778}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E46EAA5A-4834-47C1-83D1-FC623F614FC8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{82B06561-494C-4037-B6DB-42ADD4C151DC}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{FD85321F-EF2C-4590-9509-827AB4957FD7}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{5202FA11-A76D-4E28-9363-3D48C34BA99B}] => (Allow) C:\Program Files (x86)\Steam2\Steam.exe
FirewallRules: [{6FDFC3F4-7CFF-4A01-8E8F-C65F9861012C}] => (Allow) C:\Program Files (x86)\Steam2\Steam.exe
FirewallRules: [{9861667C-1514-442D-B5A9-D85767A0678E}] => (Allow) C:\Program Files (x86)\Steam2\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe
FirewallRules: [{606D1B79-390C-459B-84ED-BB732577B197}] => (Allow) C:\Program Files (x86)\Steam2\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe
FirewallRules: [{3A181F1F-4E67-4642-8ACC-5B4C0614CB5D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{7AA08D20-DDF8-4731-AF6C-4845F1FCAAEF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3E9CD21C-0C33-48D7-9620-5715259C0565}] => (Allow) C:\Program Files (x86)\Steam2\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{BC5B9A7C-D35E-4CAD-9198-675445A5C39B}] => (Allow) C:\Program Files (x86)\Steam2\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{178325A7-1F81-47B1-BA49-190CA80FB894}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A4552A73-463F-44D5-AE34-BC3210811082}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6FA80AF6-0804-4FFD-8CCC-454348C9A904}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{765E16EE-7D1C-46D6-B9AC-B39A3777E337}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B0150FD5-36F9-4AFC-99E1-08781E49F459}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{7232C232-E52B-4317-868E-ED20F552588E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8A18EDF7-6969-485B-B27C-4BDCD0DBC764}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{20830F9C-AFD9-46ED-A0D5-81ACE4BD6041}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

25-07-2018 18:14:56 Nainstalováno: Microsoft Visual C++ 2005 Redistributable
28-07-2018 19:45:11 Removed Arx Fatalis
28-07-2018 21:35:15 Driver Booster : Realtek USB 2.0 Card Reader
25-09-2018 22:44:09 Installed NHL® 09

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/04/2018 10:42:20 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-10T20:42:20Z. Kód chyby: 0x80070005

Error: (10/04/2018 10:41:50 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-10T20:41:50Z. Kód chyby: 0x80070005

Error: (10/04/2018 10:41:20 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-10T20:41:19Z. Kód chyby: 0x80070005

Error: (10/04/2018 10:40:49 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-10T20:40:49Z. Kód chyby: 0x80070005

Error: (10/04/2018 10:40:19 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-10T20:40:19Z. Kód chyby: 0x80070005

Error: (10/04/2018 10:39:49 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-10T20:39:49Z. Kód chyby: 0x80070005

Error: (10/04/2018 10:39:19 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-10T20:39:19Z. Kód chyby: 0x80070005

Error: (10/04/2018 10:38:49 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2118-09-10T20:38:49Z. Kód chyby: 0x80070005


System errors:
=============
Error: (10/04/2018 09:42:36 PM) (Source: DCOM) (EventID: 10016) (User: DADEJS-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli Dadejs-PC\Dadejs (SID: S-1-5-21-2026504303-3394863346-1200617100-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/04/2018 05:41:02 PM) (Source: DCOM) (EventID: 10016) (User: DADEJS-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli Dadejs-PC\Dadejs (SID: S-1-5-21-2026504303-3394863346-1200617100-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/04/2018 05:38:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/04/2018 05:38:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/04/2018 05:38:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/04/2018 05:38:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/03/2018 09:02:40 PM) (Source: DCOM) (EventID: 10016) (User: DADEJS-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli Dadejs-PC\Dadejs (SID: S-1-5-21-2026504303-3394863346-1200617100-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/03/2018 05:33:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.


Windows Defender:
===================================
Date: 2018-10-01 21:52:13.745
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.277.413.0, AS: 1.277.413.0, NIS: 1.277.413.0
Verze modulu: AM: 1.1.15300.6, NIS: 1.1.15300.6

Date: 2018-10-01 21:50:57.774
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.277.413.0, AS: 1.277.413.0, NIS: 1.277.413.0
Verze modulu: AM: 1.1.15300.6, NIS: 1.1.15300.6

Date: 2018-10-01 21:40:55.775
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.275.948.0, AS: 1.275.948.0, NIS: 1.275.948.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

Date: 2018-10-01 21:39:37.306
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.275.948.0, AS: 1.275.948.0, NIS: 1.275.948.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

Date: 2018-09-11 21:59:22.699
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Verze podpisu: AV: 1.275.948.0, AS: 1.275.948.0, NIS: 1.275.948.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

Date: 2018-04-09 20:49:35.541
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-04-09 20:49:34.758
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte zařízení.

Date: 2018-03-08 21:38:27.736
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.263.332.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14600.4
Kód chyby: 0x80240016
Popis chyby ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2018-03-03 16:27:55.268
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

Date: 2018-01-21 17:09:57.552
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace: Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby: 0x80070652
Popis chyby :Momentálně je spuštěna jiná instalace. Před spuštěním nové instalace nejdříve dokončete spuštěnou instalaci.

CodeIntegrity:
===================================

Date: 2018-10-04 17:42:08.213
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-03 17:29:12.338
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-03 17:29:06.408
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-03 17:28:38.540
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-03 17:28:37.871
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-03 17:04:50.113
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-02 17:43:29.927
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-02 17:42:47.849
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 59%
Total physical RAM: 4078.38 MB
Available physical RAM: 1643.14 MB
Total Virtual: 8182.19 MB
Available Virtual: 4759.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:440.15 GB) (Free:91.36 GB) NTFS
Drive e: (TR2) (CDROM) (Total:0.23 GB) (Free:0 GB) CDFS

\\?\Volume{6266a7ac-cf8d-11e0-82c4-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{0b2de10c-0000-0000-0000-f00f6e000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0B2DE10C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=440.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=25.1 GB) - (Type=12)

==================== End of Addition.txt ============================

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\Windows\jmesoft\Service.exe
  File: C:\Windows\jmesoft\JME_LOAD.exe
  File: C:\windows\jmesoft\hotkey.exe
  File: C:\Windows\jmesoft\ServiceLoader.exe
  File: C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe
  File: C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
  File: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
  File: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
  File: C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
  File: C:\windows\SysWOW64\FsUsbExDisk.SYS
  CMD: dir "C:\WINDOWS\Minidump"
  ExportKey: HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
  Folder: C:\Users\Dadejs\Local Settings\Application Data\Bundled software uninstaller
  
  HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
  HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Dadejs\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
  Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File 
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
  FF Plugin HKU\S-1-5-21-2026504303-3394863346-1200617100-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dadejs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
  S1 hsemclvc; \??\C:\WINDOWS\system32\drivers\hsemclvc.sys [X]
  S1 MpKslb397354c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AFFE26B0-0FC1-486A-A0AB-24B73D09A774}\MpKslb397354c.sys [X]
  S1 odtkleju; \??\C:\WINDOWS\system32\drivers\odtkleju.sys [X]
  S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
  2018-10-03 18:39 - 2018-10-04 22:34 - 000000000 ____D C:\Users\Dadejs\Desktop\FRST-OlderVersion
  2018-10-03 17:25 - 2018-10-03 21:49 - 000002410 _____ C:\WINDOWS\System32\Tasks\AdwCleaner_onReboot
  2018-10-02 18:22 - 2018-10-02 18:22 - 001222144 _____ C:\Users\Dadejs\Desktop\RSITx64.exe
  2018-10-02 18:24 - 2012-12-21 19:42 - 000000000 ____D C:\Program Files\trend micro
  
  Task: {0A86DDF4-6781-4197-AC2B-83D4E0DCD137} - System32\Tasks\{E514DE3A-4FCA-467E-941A-18C7F5CB3A41} => C:\windows\system32\pcalua.exe -a C:\Users\Dadejs\AppData\Roaming\istartsurf\UninstallManager.exe -c  -ptid=obw
  Task: {13CB64C3-5AAB-4364-B971-DAD06345D588} - System32\Tasks\{CA57B439-FA24-4A52-BBD1-CE08A387C814} => C:\windows\system32\pcalua.exe -a D:\SETUP.EXE -d D:\
  Task: {77E7D077-DE5B-4F65-9832-94BB208B03D0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
  Task: {78CEE009-1655-46C0-AE54-5A543B5B0160} - System32\Tasks\{4A6B67A3-0270-43C5-9400-9DB166E1309D} => C:\windows\system32\pcalua.exe -a C:\Users\Dadejs\Documents\Downloads\iview438_setup.exe -d C:\Users\Dadejs\Documents\Downloads
  Task: {82D96A23-59EB-4B6C-8F52-9994658C5C09} - System32\Tasks\{7F87A7A7-F6C9-441A-8FE1-F1887F4F4BD7} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\RegiStax 6\Uninstal.exe"
  Task: {82FE984A-1B8F-4B21-8455-4EBE817A8DA3} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Dadejs\Desktop\adwcleaner_7.2.4.0.exe [2018-10-03] (Malwarebytes)
  Task: {89E3FD2D-6A74-4EAA-AD62-AC6103CEA7E3} - System32\Tasks\Driver Booster SkipUAC (Dadejs) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
  Task: {927CDE65-D7D6-4FD2-BAC8-9DEBCA3A78FA} - System32\Tasks\{72C7426E-7FBD-429F-84D3-96BAA652A4AE} => C:\windows\system32\pcalua.exe -a D:\setup.exe -d D:\
  Task: {CF612478-EF47-43FD-9726-5ADCFDC0EC85} - System32\Tasks\{27D3FB9A-BF9A-4C67-B71D-8810AA7305DB} => C:\windows\system32\pcalua.exe -a "C:\Users\Dadejs\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" -c /initurl hxxp://bi.bisrv.com/:affid:/:sid:/:uid:? /affid uninstall /id uninstall /name "Bundled software uninstaller"
  HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
  HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
  
  C:\Program Files (x86)\Seznam.cz
  C:\Users\Dadejs\AppData\Roaming\Seznam.cz
  
  C:\Program Files\IObit
  C:\Program Files (x86)\IObit
  C:\Program Files\Common Files\IObit
  C:\ProgramData\IObit
  C:\ProgramData\ProductData
  C:\Users\Dadejs\AppData\Roaming\IObit
  C:\Users\Dadejs\AppData\LocalLow\IObit
  C:\Users\Dadejs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
  C:\Users\Dadejs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
  C:\Users\Default\AppData\Roaming\IObit
  C:\Users\Default\AppData\LocalLow\IObit
  C:\Users\Public\Desktop\*Driver Booster*
  C:\Users\Public\Desktop\*Advanced SystemCare*
  C:\Windows\IObit
  C:\Windows\Tasks\ImCleanDisabled
  C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Provedeno
Paradoxně mi teď prohlížeč připadá ještě pomalejší.

Fix result of Farbar Recovery Scan Tool (x64) Version: 04.10.2018
Ran by Dadejs (05-10-2018 17:45:38) Run:1
Running from C:\Users\Dadejs\Desktop
Loaded Profiles: Dadejs & DefaultAppPool (Available Profiles: Dadejs & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\jmesoft\Service.exe
File: C:\Windows\jmesoft\JME_LOAD.exe
File: C:\windows\jmesoft\hotkey.exe
File: C:\Windows\jmesoft\ServiceLoader.exe
File: C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe
File: C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
File: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
File: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
File: C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
File: C:\windows\SysWOW64\FsUsbExDisk.SYS
CMD: dir "C:\WINDOWS\Minidump"
ExportKey: HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Folder: C:\Users\Dadejs\Local Settings\Application Data\Bundled software uninstaller

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Dadejs\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
FF Plugin HKU\S-1-5-21-2026504303-3394863346-1200617100-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dadejs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
S1 hsemclvc; \??\C:\WINDOWS\system32\drivers\hsemclvc.sys [X]
S1 MpKslb397354c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AFFE26B0-0FC1-486A-A0AB-24B73D09A774}\MpKslb397354c.sys [X]
S1 odtkleju; \??\C:\WINDOWS\system32\drivers\odtkleju.sys [X]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
2018-10-03 18:39 - 2018-10-04 22:34 - 000000000 ____D C:\Users\Dadejs\Desktop\FRST-OlderVersion
2018-10-03 17:25 - 2018-10-03 21:49 - 000002410 _____ C:\WINDOWS\System32\Tasks\AdwCleaner_onReboot
2018-10-02 18:22 - 2018-10-02 18:22 - 001222144 _____ C:\Users\Dadejs\Desktop\RSITx64.exe
2018-10-02 18:24 - 2012-12-21 19:42 - 000000000 ____D C:\Program Files\trend micro

Task: {0A86DDF4-6781-4197-AC2B-83D4E0DCD137} - System32\Tasks\{E514DE3A-4FCA-467E-941A-18C7F5CB3A41} => C:\windows\system32\pcalua.exe -a C:\Users\Dadejs\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=obw
Task: {13CB64C3-5AAB-4364-B971-DAD06345D588} - System32\Tasks\{CA57B439-FA24-4A52-BBD1-CE08A387C814} => C:\windows\system32\pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {77E7D077-DE5B-4F65-9832-94BB208B03D0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {78CEE009-1655-46C0-AE54-5A543B5B0160} - System32\Tasks\{4A6B67A3-0270-43C5-9400-9DB166E1309D} => C:\windows\system32\pcalua.exe -a C:\Users\Dadejs\Documents\Downloads\iview438_setup.exe -d C:\Users\Dadejs\Documents\Downloads
Task: {82D96A23-59EB-4B6C-8F52-9994658C5C09} - System32\Tasks\{7F87A7A7-F6C9-441A-8FE1-F1887F4F4BD7} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\RegiStax 6\Uninstal.exe"
Task: {82FE984A-1B8F-4B21-8455-4EBE817A8DA3} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Dadejs\Desktop\adwcleaner_7.2.4.0.exe [2018-10-03] (Malwarebytes)
Task: {89E3FD2D-6A74-4EAA-AD62-AC6103CEA7E3} - System32\Tasks\Driver Booster SkipUAC (Dadejs) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
Task: {927CDE65-D7D6-4FD2-BAC8-9DEBCA3A78FA} - System32\Tasks\{72C7426E-7FBD-429F-84D3-96BAA652A4AE} => C:\windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {CF612478-EF47-43FD-9726-5ADCFDC0EC85} - System32\Tasks\{27D3FB9A-BF9A-4C67-B71D-8810AA7305DB} => C:\windows\system32\pcalua.exe -a "C:\Users\Dadejs\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" -c /initurl hxxp://bi.bisrv.com/:affid:/:sid:/:uid:? /affid uninstall /id uninstall /name "Bundled software uninstaller"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

C:\Program Files (x86)\Seznam.cz
C:\Users\Dadejs\AppData\Roaming\Seznam.cz

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\Dadejs\AppData\Roaming\IObit
C:\Users\Dadejs\AppData\LocalLow\IObit
C:\Users\Dadejs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Dadejs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 218
Average :
Sum : 252675977
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Windows\jmesoft\Service.exe ========================

C:\Windows\jmesoft\Service.exe
File not signed
MD5: 1DED0D0AA513E2A5862B20A520D3A1E1
Creation and modification date: 2011-08-26 04:53 - 2011-03-16 05:47
Size: 000032768
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/f592f89 ... 532405175/

====== End of File: ======


========================= File: C:\Windows\jmesoft\JME_LOAD.exe ========================

C:\Windows\jmesoft\JME_LOAD.exe
File not signed
MD5: 9E100706E0DAF8C1966C91BE8BA8A5BE
Creation and modification date: 2011-08-26 04:53 - 2011-03-21 23:12
Size: 000020480
Attributes: ----A
Company Name:
Internal Name: JME_LOAD
Original Name: JME_LOAD.EXE
Product: JME_LOAD 应用程序
Description: JME_LOAD Microsoft 基础类应用程序
File Version: 1, 0, 0, 1
Product Version: 1, 0, 0, 1
Copyright: 版权所有 (C) 2011
VirusTotal: https://www.virustotal.com/file/500619f ... 529457829/

====== End of File: ======


========================= File: C:\windows\jmesoft\hotkey.exe ========================

C:\windows\jmesoft\hotkey.exe
File not signed
MD5: 7CF072E03D4F943B1FE20339B973EDBB
Creation and modification date: 2011-08-26 04:53 - 2011-03-21 23:06
Size: 000118784
Attributes: ----A
Company Name: Lenovo
Internal Name: JmeHotkey
Original Name: Hotkey.exe
Product: TinianFn
Description: TinianFn
File Version: 6, 1, 0, 112
Product Version: 6, 1, 0, 112
Copyright: Lenovo
VirusTotal: https://www.virustotal.com/file/b41e7b0 ... 526083382/

====== End of File: ======


========================= File: C:\Windows\jmesoft\ServiceLoader.exe ========================

C:\Windows\jmesoft\ServiceLoader.exe
File not signed
MD5: 69920C35DF3B358232927CC9748A8BCA
Creation and modification date: 2011-08-26 04:53 - 2011-03-16 05:49
Size: 000028672
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/6f062cb ... 537892705/

====== End of File: ======


========================= File: C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe ========================

C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe
File not signed
MD5: C2AFAF9407991FE415ADDE840A924855
Creation and modification date: 2008-11-10 11:03 - 2008-11-10 11:03
Size: 001060864
Attributes: ----A
Company Name:
Internal Name: 4-Day Forecast.exe
Original Name: 4-Day Forecast.exe
Product: 4-Day Forecast
Description: 4-Day Forecast
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright © MicroMagic
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe ========================

C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
File not signed
MD5: 5EE5E5DF9E92B3A5581B9DE7DCC05972
Creation and modification date: 2013-12-21 12:31 - 2013-12-21 12:31
Size: 000404360
Attributes: ----A
Company Name: Samsung
Internal Name: AllShareFrameworkManagerDMS
Original Name: AllShareFrameworkManagerDMS.exe
Product: PC AllShare Framework
Description: AllShareFrameworkManagerDMS Monitoring DMS Service
File Version: 1, 3, 0, 6
Product Version: 1.3.06
Copyright: Copyright (C) 2012
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll ========================

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
File not signed
MD5: 1DAE5C46D42B02A6D5862E1482EFB390
Creation and modification date: 2009-09-20 13:36 - 2009-09-20 13:36
Size: 000249344
Attributes: ----A
Company Name: Hewlett-Packard Co.
Internal Name: HPQCXS00
Original Name: HPQCXS00.DLL
Product: HP Digital Imaging
Description: HP CUE Context Manager Objects
File Version: 130.0.80.000
Product Version: 130.000.999.000
Copyright: Copyright (C) Hewlett-Packard Co. 1995-2009
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll ========================

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
File not signed
MD5: 99E8EEF42FE2F4AF29B08C3355DD7685
Creation and modification date: 2009-09-20 13:24 - 2009-09-20 13:24
Size: 000133120
Attributes: ----A
Company Name: Hewlett-Packard Co.
Internal Name: HPQDDSVC
Original Name: HPQDDSVC.DLL
Product: HP Digital Imaging
Description: HP CUE DeviceDiscovery Service
File Version: 130.0.465.000
Product Version: 130.000.999.000
Copyright: Copyright (C) Hewlett-Packard Co. 1995-2009
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe ========================

C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
File not signed
MD5: 1CF03C69B49ACB70C722DF92755C0C8C
Creation and modification date: 2005-04-04 00:41 - 2005-04-04 00:41
Size: 000069632
Attributes: ----A
Company Name: Macrovision Corporation
Internal Name: IDriverT
Original Name: IDriverT.exe
Product: InstallShield (R)
Description: IDriverT Module
File Version: 11.00.28844
Product Version: 11.00
Copyright: Copyright (C) 2005 Macrovision Corporation
VirusTotal: 0

====== End of File: ======


========================= File: C:\windows\SysWOW64\FsUsbExDisk.SYS ========================

C:\windows\SysWOW64\FsUsbExDisk.SYS
File not signed
MD5: DDEE99DC54EFA20BD5A442CD733C4462
Creation and modification date: 2013-06-18 18:39 - 2013-05-22 13:34
Size: 000037344
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========= dir "C:\WINDOWS\Minidump" =========

Volume in drive C has no label.
Volume Serial Number is 766E-FE1E

Directory of C:\WINDOWS\Minidump

21.09.2018 19:58 <DIR> .
21.09.2018 19:58 <DIR> ..
0 File(s) 0 bytes
2 Dir(s) 97˙859˙031˙040 bytes free

========= End of CMD: =========

================== ExportKey: ===================

[HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall]
"InstallLocation"="C:\Users\Dadejs\AppData\Roaming\Seznam.cz"
"DisplayName"="Seznam Software"
"DisplayIcon"="C:\Users\Dadejs\AppData\Roaming\Seznam.cz\szninstall.exe,0"
"UninstallString"=""C:\Users\Dadejs\AppData\Roaming\Seznam.cz\szninstall.exe" -X"
"ModifyPath"="C:\Users\Dadejs\AppData\Roaming\Seznam.cz\szninstall.exe"
"Publisher"="Seznam.cz"
"URLInfoAbout"="http://software.seznam.cz"
"HelpLink"="http://napoveda.seznam.cz/cz/software.html"
"Comments"="Vsechny aplikace spolecnosti Seznam.cz a.s."
"NoRepair"="1"
"NoModify"="0"

=== End of ExportKey ===

========================= Folder: C:\Users\Dadejs\Local Settings\Application Data\Bundled software uninstaller ========================

not found.

====== End of Folder: ======

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce" => removed successfully
"HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Xvid" => removed successfully
"HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop" => removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000007 => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page" => removed successfully
HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 => removed successfully
"C:\Users\Dadejs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll" => not found
HKLM\System\CurrentControlSet\Services\hsemclvc => removed successfully
hsemclvc => service removed successfully
HKLM\System\CurrentControlSet\Services\MpKslb397354c => removed successfully
MpKslb397354c => service removed successfully
HKLM\System\CurrentControlSet\Services\odtkleju => removed successfully
odtkleju => service removed successfully
HKLM\System\CurrentControlSet\Services\SWDUMon => removed successfully
SWDUMon => service removed successfully
C:\Users\Dadejs\Desktop\FRST-OlderVersion => moved successfully
C:\WINDOWS\System32\Tasks\AdwCleaner_onReboot => moved successfully
C:\Users\Dadejs\Desktop\RSITx64.exe => moved successfully
C:\Program Files\trend micro => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A86DDF4-6781-4197-AC2B-83D4E0DCD137}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A86DDF4-6781-4197-AC2B-83D4E0DCD137}" => removed successfully
C:\WINDOWS\System32\Tasks\{E514DE3A-4FCA-467E-941A-18C7F5CB3A41} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E514DE3A-4FCA-467E-941A-18C7F5CB3A41}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13CB64C3-5AAB-4364-B971-DAD06345D588}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13CB64C3-5AAB-4364-B971-DAD06345D588}" => removed successfully
C:\WINDOWS\System32\Tasks\{CA57B439-FA24-4A52-BBD1-CE08A387C814} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CA57B439-FA24-4A52-BBD1-CE08A387C814}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77E7D077-DE5B-4F65-9832-94BB208B03D0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77E7D077-DE5B-4F65-9832-94BB208B03D0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78CEE009-1655-46C0-AE54-5A543B5B0160}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78CEE009-1655-46C0-AE54-5A543B5B0160}" => removed successfully
C:\WINDOWS\System32\Tasks\{4A6B67A3-0270-43C5-9400-9DB166E1309D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4A6B67A3-0270-43C5-9400-9DB166E1309D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82D96A23-59EB-4B6C-8F52-9994658C5C09}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82D96A23-59EB-4B6C-8F52-9994658C5C09}" => removed successfully
C:\WINDOWS\System32\Tasks\{7F87A7A7-F6C9-441A-8FE1-F1887F4F4BD7} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7F87A7A7-F6C9-441A-8FE1-F1887F4F4BD7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82FE984A-1B8F-4B21-8455-4EBE817A8DA3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82FE984A-1B8F-4B21-8455-4EBE817A8DA3}" => removed successfully
"C:\WINDOWS\System32\Tasks\AdwCleaner_onReboot" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdwCleaner_onReboot" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89E3FD2D-6A74-4EAA-AD62-AC6103CEA7E3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89E3FD2D-6A74-4EAA-AD62-AC6103CEA7E3}" => removed successfully
C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Dadejs) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Dadejs)" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{927CDE65-D7D6-4FD2-BAC8-9DEBCA3A78FA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{927CDE65-D7D6-4FD2-BAC8-9DEBCA3A78FA}" => removed successfully
C:\WINDOWS\System32\Tasks\{72C7426E-7FBD-429F-84D3-96BAA652A4AE} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{72C7426E-7FBD-429F-84D3-96BAA652A4AE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF612478-EF47-43FD-9726-5ADCFDC0EC85}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF612478-EF47-43FD-9726-5ADCFDC0EC85}" => removed successfully
C:\WINDOWS\System32\Tasks\{27D3FB9A-BF9A-4C67-B71D-8810AA7305DB} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{27D3FB9A-BF9A-4C67-B71D-8810AA7305DB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\seznam-listicka-distribuce" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce" => not found
"HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\cz.seznam.software.szndesktop" => removed successfully
"HKU\S-1-5-21-2026504303-3394863346-1200617100-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop" => not found
C:\Program Files (x86)\Seznam.cz => moved successfully
C:\Users\Dadejs\AppData\Roaming\Seznam.cz => moved successfully
"C:\Program Files\IObit" => not found
C:\Program Files (x86)\IObit => moved successfully
"C:\Program Files\Common Files\IObit" => not found
C:\ProgramData\IObit => moved successfully
C:\ProgramData\ProductData => moved successfully
C:\Users\Dadejs\AppData\Roaming\IObit => moved successfully
C:\Users\Dadejs\AppData\LocalLow\IObit => moved successfully

=========== "C:\Users\Dadejs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Dadejs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\Dadejs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Dadejs\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Roaming\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========


=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

C:\Windows\IObit => moved successfully
"C:\Windows\Tasks\ImCleanDisabled" => not found
"C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 251696884 B
Java, Flash, Steam htmlcache => 28173109 B
Windows/system/drivers => 724420 B
Edge => 16896 B
Chrome => 223005 B
Firefox => 22163396 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 432 B
LocalService => 0 B
NetworkService => 3720 B
Dadejs => 11511592 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 309 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:49:36 ====

O aky prehliadac/prehliadace sa jedna?

Stiahni Zoek: http://download.bleepingcomputer.com/smeenk/zoek.exe

• Uloz na plochu a spusti ako spravca
• Do okna skopiruj nasledujuci script:

  Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;

• Klikni na Run script
• Pockaj na dokoncenie a restartovanie PC
• Po restartovani vyskoci log (pripadne bude v C:\zoek-results.log), jeho obsah sem skopiruj

Ak sa Zoek zasekne a potrva to dlhsie ako cca 30-40 minut, rucne restartuj PC a skus poslat log, ak sa vytvoril.

Prohlížeč používám Firefox a ten poslední dobou fakt zlenivěl. Hlavně jeho spouštění je kolkikrát o nervy. A než spustí nějaký odkaz, tak je tam taky kolikrát celkem dlouhá prodleva.

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Dadejs on so 06.10.2018 at 10:59:34,95.
Microsoft Windows 10 Home 10.0.16299 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dadejs\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2018-05-13-183023.log 13583 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Centauri deleted successfully
C:\Users\Dadejs\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Dadejs\AppData\Local\Adobe deleted successfully
C:\Users\Dadejs\AppData\Local\DBG deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Centauri not found
C:\Users\Dadejs\AppData\Roaming\calibre deleted
C:\Users\Dadejs\.android deleted
C:\install.exe deleted
C:\windows\SysNative\Tasks\Avast Driver Updater Startup deleted
"C:\WINDOWS\Installer\23451bda.msi" deleted
"C:\Users\Dadejs\AppData\Local\AVAST Software\APM\DadejsFfl2.dat" not deleted
"C:\Users\Dadejs\AppData\Local\AVAST Software\Avast Driver Updater\settings.db" not deleted
"C:\Users\Dadejs\AppData\Local\AVAST Software\Avast Driver Updater\supdates.db" not deleted
"C:\Users\Dadejs\AppData\Local\AVAST Software\APM\Dadejs\kv_pam.db" not deleted
"C:\Users\Dadejs\AppData\Local\AVAST Software\Avast Driver Updater\Logs\2018-10-06 10-04-21 0.log" not deleted
"C:\Users\Dadejs\AppData\Local\AVAST Software" not deleted
"C:\Users\Dadejs\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\Dadejs\AppData\Local\AVAST Software\Avast Driver Updater" not deleted
"C:\Users\Dadejs\AppData\Local\AVAST Software\APM\Dadejs" not deleted
"C:\Users\Dadejs\AppData\Local\AVAST Software\Avast Driver Updater\Logs" not deleted

==== Orphaned Tasks deleted from Registry ======================

Avast Driver Updater Startup deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [19.11.2011 21:37]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [19.11.2011 21:37]

==== Firefox XPI-files found: ======================

- Seznam doplnk - Email - C:\FRST\Quarantine\C\Users\Dadejs\AppData\Roaming\Seznam.cz\data\fflisticka\seznam_doplnek_email-4.2.1-an+fx-windows.xpi
- Seznam pro Firefox - Email - C:\FRST\Quarantine\C\Users\Dadejs\AppData\Roaming\Seznam.cz\data\fflisticka\seznam_pro_firefox_email-4.1.0-an+fx-windows.xpi
- Seznam doplnk - Esko - C:\FRST\Quarantine\C\Users\Dadejs\AppData\Roaming\Seznam.cz\data\fflisticka\sko-extension@firma.seznam.cz.xpi
- avast Ad Blocker - C:\Program Files\AVAST Software\Avast\AdBlocker\FF\adblocker@avast.com.xpi
- __MSG_avastAppName__ - C:\Program Files\AVAST Software\Avast\SafePrice\FF\sp@avast.com.xpi
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF\wrc@avast.com.xpi

==== Chromium Look ======================

Google Chrome Version: 69.0.3497.100

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]

Avast Online Security - Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Media Router - Dadejs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Search Bar"="https://www.google.com/?trackid=sp-006"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9878D4896A708DC479665304C87693D5 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{984D8789-07A6-4CD8-9766-35408C67395D} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avast Driver Updater deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9878D4896A708DC479665304C87693D5 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Dadejs\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Dadejs\AppData\Local\Mozilla\Firefox\Profiles\6iacqo6s.default-1402684941049-1528641835316\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\Dadejs\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Dadejs\AppData\Local\Opera Software\Opera Neon\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3987 folders=1282 1620472695 bytes)

==== Empty Temp Folders ======================

C:\Users\Dadejs\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Dadejs\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Dadejs\AppData\Local\AVAST Software\APM\DadejsFfl2.dat" not found
"C:\Users\Dadejs\AppData\Local\AVAST Software\Avast Driver Updater\settings.db" not found
"C:\Users\Dadejs\AppData\Local\AVAST Software\Avast Driver Updater\supdates.db" not found
"C:\Users\Dadejs\AppData\Local\AVAST Software\APM\Dadejs\kv_pam.db" not found
"C:\Users\Dadejs\AppData\Local\AVAST Software\Avast Driver Updater\Logs\2018-10-06 10-04-21 0.log" not found
"C:\Users\Dadejs\AppData\Local\AVAST Software" not found

==== EOF on so 06.10.2018 at 14:15:12,43 ======================

Nastala teraz nejaka zmena?

Pripadne este skus vo Firefoxe obnovit predvolene nastavenia: do adresneho riadku napis "about:support" (bez uvodzoviek) a stlac enter, klikni na Obnovit Firefox a potvrd.