Antimalware service executable

pan HANS
Visitor
Posts: 3
Registered: 16 Mar 2017 01:17

Antimalware service executable

#1 Post by pan HANS »

Hi, this has been dealt with here in the past, but the virus has probably mutated over the years and I can't get rid of it using any of the available guides. Besides the usual antivirus programs, the Task Scheduler, disabling it in the registry and CCleaner, I also tried, following advice in another thread, AdwCleaner, HijackThis and OTM, but these can't be deleted from HijackThis:
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
It will probably take more work. Logs below:

# AdwCleaner v6.030 - Log soubor vytvořen 16/03/2017 na 00:45:13
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2017-03-15.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Jan Stejskal - DESKTOP-AVKCE7F
# Beží od : C:\Users\Jan Stejskal\Downloads\adwcleaner.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\Jan Stejskal\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[-] Adresář smazán:C:\Users\Jan Stejskal\AppData\Roaming\qksee
[-] Adresář smazán:C:\Users\Jan Stejskal\AppData\Roaming\ffgogogo
[-] Adresář smazán:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
[-] Adresář smazán:C:\Users\Public\Documents\ffgogogo
[-] Adresář smazán:C:\Program Files (x86)\SearchesToYesbnd
[-] Adresář smazán:C:\Program Files (x86)\Winsere
[-] Adresář smazán:C:\Program Files (x86)\WinTaske
[-] Adresář smazán:C:\Program Files (x86)\QQBrowser
[-] Adresář smazán:C:\extensions
[-] Adresář smazán:C:\Users\Public\Documents\dmp


***** [ Soubory ] *****

[-] Soubor smazán:C:\Users\Jan Stejskal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\qksee.lnk
[-] Soubor smazán:C:\WINDOWS\SysNative\log\iSafeKrnlCall.log


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[#] Klíč smazán po restartování:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[#] Klíč smazán po restartování:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[-] Klíč smazán:HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč smazán:HKLM\SOFTWARE\hdcode
[-] Klíč smazán:HKLM\SOFTWARE\yessearchesSoftware
[-] Klíč smazán:HKLM\SOFTWARE\qkseeSvc
[-] Klíč smazán:HKLM\SOFTWARE\qksee
[-] Klíč smazán:HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč smazán:HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč smazán:HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Klíč smazán:HKLM\SOFTWARE\ffgogogo
[-] Klíč smazán:[x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč smazán:HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč smazán:HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[#] Klíč smazán po restartování:HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[#] Klíč smazán po restartování:HKCU\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}


***** [ Prohlížeče ] *****

[-] [C:\Users\Jan Stejskal\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Smazání:hxxp://www.yessearches.com/?mode=nnnb&ptid=dam ... BnMoA3IlCE..


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3408 Bajtů] - [16/03/2017 00:45:13]
C:\AdwCleaner\AdwCleaner[S0].txt - [3681 Bajtů] - [16/03/2017 00:38:53]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3556 Bajtů] ##########
______________________________________________________________________________________________

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 1:01:32, on 16.03.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)


Boot mode: Normal

Running processes:
C:\WINDOWS\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jan Stejskal\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Users\Jan Stejskal\Downloads\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AVGUI.exe] "C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jan Stejskal\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://my.garmin.com
O15 - Trusted Zone: http://software.garmin.com
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @oem7.inf,%fpCSEvtService_SvcDesc%;fpCSEvtSvc (fpCsEvtSvc) - Unknown owner - C:\WINDOWS\system32\fpCSEvtSvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Hotkey Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HotkeyService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem20.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @oem32.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: Plays.tv Update Service (PlaysService) - Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @oem7.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\WINDOWS\SysWOW64\xmesrv.exe

--
End of file - 12543 bytes

Thanks in advance for any advice.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Antimalware service executable

#2 Post by Márty84 »

Hello :)
pan HANS wrote: but these can't be deleted from HijackThis
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
Why do you want to delete those lines? It isn't junk; they belong to Windows Defender, which is part of the system.

Otherwise, a log from HJT has been completely insufficient for several years now, especially on 64-bit systems. But I see rather too many antiviruses there; there are traces of AVG and ESET. One has to go.

Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it is possible that it will block it as malicious, but we use it all the time, it is a false alarm :)
(If the Launcher can't be downloaded, post logs from FRST alone, i.e. without using the Launcher)
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).
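
Added example, not part of the thread or of either tool: Python that cross-checks HijackThis O23 "file missing" service lines against the 64-bit FRST services section, using lines copied from the two logs in this thread, to show which "missing" entries are only an artifact of the scanner's 32-bit view. It assumes HijackThis ran as a 32-bit process under WOW64, so that its %ProgramFiles% resolved to "Program Files (x86)" and its System32 lookups were redirected; the function names and verdict labels are made up for this example.

```python
import re
from ntpath import normcase  # Windows path comparison rules on any host OS
from typing import NamedTuple, Optional

# Excerpt copied from the HijackThis log in post #1.
HJT_LINES = r"""
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @oem32.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
""".strip().splitlines()

# Excerpt copied from the "Services (Whitelisted)" section of the FRST log in post #3.
FRST_LINES = r"""
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1257384 2017-02-27] (AVG Technologies CZ, s.r.o.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370072 2015-09-23] (Intel Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
""".strip().splitlines()


class Service(NamedTuple):
    name: str      # service key name
    path: str      # image path as printed by the tool
    missing: bool  # tool reported that the file does not exist


def parse_hjt_o23(line: str) -> Optional[Service]:
    """Parse one HijackThis 'O23 - Service:' line; return None for other lines."""
    prefix = "O23 - Service: "
    if not line.startswith(prefix):
        return None
    parts = line[len(prefix):].rsplit(" - ", 2)  # display name, owner, path
    if len(parts) != 3:
        return None
    display, _owner, path = parts
    missing = path.endswith(" (file missing)")
    if missing:
        path = path[: -len(" (file missing)")]
    key = re.search(r"\(([^()]+)\)\s*$", display)  # key name is the trailing (...)
    return Service(key.group(1) if key else display, path, missing)


FRST_RE = re.compile(
    r"^[RSU]\d (?P<name>[^;]+); (?P<path>.+?) \[(?P<meta>X|\d+ \d{4}-\d{2}-\d{2})\]"
)


def parse_frst_service(line: str) -> Optional[Service]:
    """Parse one FRST services line; '[X]' is FRST's marker for a file it did not find."""
    m = FRST_RE.match(line)
    if not m:
        return None
    return Service(m["name"], m["path"], m["meta"] == "X")


def native_candidates(path_32bit_view: str) -> set:
    """Paths a 64-bit tool may report for a path printed by a 32-bit process.

    'Program Files (x86)' may stand for the native 'Program Files'. System32 keeps
    its spelling: the 32-bit existence check is silently served from SysWOW64.
    """
    swapped = re.sub(r"\\Program Files \(x86\)\\", lambda m: "\\Program Files\\",
                     path_32bit_view, flags=re.IGNORECASE)
    return {normcase(path_32bit_view), normcase(swapped)}


def triage(hjt_lines, frst_lines) -> dict:
    """Return {service name: verdict} for every O23 line."""
    frst = {s.name.lower(): s for s in map(parse_frst_service, frst_lines) if s}
    verdicts = {}
    for svc in filter(None, map(parse_hjt_o23, hjt_lines)):
        native = frst.get(svc.name.lower())
        if not svc.missing:
            verdicts[svc.name] = "present"
        elif native is None:
            verdicts[svc.name] = "unverified"       # no 64-bit evidence in the excerpt
        elif native.missing:
            verdicts[svc.name] = "missing-in-both"  # worth a closer look
        elif normcase(native.path) in native_candidates(svc.path):
            verdicts[svc.name] = "wow64-artifact"   # file exists in the native view
        else:
            verdicts[svc.name] = "path-mismatch"    # same service, different binary
    return verdicts


if __name__ == "__main__":
    for name, verdict in triage(HJT_LINES, FRST_LINES).items():
        print(f"{name:24} {verdict}")
```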

pan HANS
Visitor
Posts: 3
Registered: 16 Mar 2017 01:17

Re: Antimalware service executable

#3 Post by pan HANS »

Here they are; I installed the antiviruses only after the problem appeared. I didn't want the program to delete them, but rather to repair them, since Win Defender is causing the problem.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Jan Stejskal (administrator) on DESKTOP-AVKCE7F (16-03-2017 09:32:05)
Running from C:\Users\Jan Stejskal\Downloads
Loaded Profiles: Jan Stejskal (Available Profiles: Jan Stejskal)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
() C:\Windows\System32\fpCSEvtSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HotkeyService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Monet+, a.s.) C:\Windows\SysWOW64\xmesrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8515832 2015-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [227896 2016-06-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5009096 2016-04-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-05] (Microsoft Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-27] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [442592 2015-07-15] (Hewlett-Packard Company)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-13] (Valve Corporation)
HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{cebb355e-4345-426a-9097-cc9dcf52cd41}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e6261f71-e4eb-4b1c-88e0-45a17eaea430}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-20002027-273994422-1878103601-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-20002027-273994422-1878103601-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotmail/home?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)

FireFox:
========
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: csas.cz/Partner24 -> C:\Program Files (x86)\Partner24\npPartner24.dll [2016-11-14] (Ceska sporitelna, a.s.)

Chrome:
=======
CHR Profile: C:\Users\Jan Stejskal\AppData\Local\Google\Chrome\User Data\Default [2017-03-16]
CHR Extension: (Prezentace Google) - C:\Users\Jan Stejskal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-10]
CHR Extension: (Dokumenty Google) - C:\Users\Jan Stejskal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-10]
CHR Extension: (Disk Google) - C:\Users\Jan Stejskal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-10]
CHR Extension: (YouTube) - C:\Users\Jan Stejskal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-10]
CHR Extension: (Tabulky Google) - C:\Users\Jan Stejskal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan Stejskal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-05]
CHR Extension: (Přihlášení do aplikace Partner24) - C:\Users\Jan Stejskal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcimcldmgjgkdhdgifbfiblffdhddbpa [2017-03-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan Stejskal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\Jan Stejskal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-10]
CHR Extension: (Chrome Media Router) - C:\Users\Jan Stejskal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1257384 2017-02-27] (AVG Technologies CZ, s.r.o.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [22528 2015-06-10] ()
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries)
R2 HP Hotkey Service; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HotkeyService.exe [847584 2015-07-15] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370072 2015-09-23] (Intel Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312064 2015-08-19] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263800 2016-02-05] (Synaptics Incorporated)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [53248 2015-06-10] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 xmengine service; C:\WINDOWS\SysWOW64\xmesrv.exe [34696 2009-09-25] (Monet+, a.s.)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-10] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-10] (Disc Soft Ltd)
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [139632 2015-07-10] (Gemalto)
S3 iaStorB; C:\WINDOWS\System32\drivers\iaStorB.sys [559576 2015-05-21] (Intel Corporation)
S3 iaStorS; C:\WINDOWS\System32\drivers\iaStorS.sys [665592 2015-06-04] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3506464 2015-09-16] (Intel Corporation)
S3 rccfg; C:\WINDOWS\System32\drivers\rccfg.sys [22552 2015-05-11] (AMD, Inc.)
S3 rcraid; C:\WINDOWS\System32\drivers\rcraid.sys [540184 2015-05-11] (AMD, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [772336 2015-08-27] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3126032 2016-06-23] (Realtek Semiconductor Corp.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30544 2016-02-17] (HP)
R4 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-16 09:24 - 2017-03-15 20:19 - 00549912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6C88.tmp
2017-03-16 09:24 - 2017-03-15 20:19 - 00338576 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6C99.tmp
2017-03-16 09:24 - 2017-03-15 20:18 - 00994592 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6BD8.tmp
2017-03-16 09:24 - 2017-03-15 20:18 - 00336920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6B1A.tmp
2017-03-16 09:24 - 2017-03-15 20:18 - 00311592 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6AE9.tmp
2017-03-16 09:24 - 2017-03-15 20:18 - 00192096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6AFA.tmp
2017-03-16 09:24 - 2017-03-15 20:18 - 00166136 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6A7B.tmp
2017-03-16 09:24 - 2017-03-15 20:18 - 00163512 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6CD9.tmp
2017-03-16 09:24 - 2017-03-15 20:18 - 00127584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6C67.tmp
2017-03-16 09:24 - 2017-03-15 20:18 - 00101624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6C07.tmp
2017-03-16 09:24 - 2017-03-15 20:18 - 00076688 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6C78.tmp
2017-03-16 09:24 - 2017-03-15 20:18 - 00050848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6B2B.tmp
2017-03-16 09:24 - 2017-03-15 20:18 - 00039288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avg6C57.tmp
2017-03-16 09:11 - 2017-03-16 09:12 - 00038451 _____ C:\Users\Jan Stejskal\Downloads\Addition.txt
2017-03-16 09:08 - 2017-03-16 09:33 - 00016939 _____ C:\Users\Jan Stejskal\Downloads\FRST.txt
2017-03-16 09:08 - 2017-03-16 09:32 - 00000000 ____D C:\FRST
2017-03-16 09:08 - 2017-03-16 09:08 - 02424832 _____ (Farbar) C:\Users\Jan Stejskal\Downloads\FRST64.exe
2017-03-16 00:52 - 2017-03-16 00:52 - 00003651 _____ C:\Users\Jan Stejskal\Desktop\AdwCleaner[C0].txt
2017-03-16 00:36 - 2017-03-16 00:45 - 00000000 ____D C:\AdwCleaner
2017-03-16 00:36 - 2017-03-16 00:36 - 03910208 _____ C:\Users\Jan Stejskal\Downloads\adwcleaner.exe
2017-03-16 00:23 - 2017-03-16 01:07 - 00000000 ____D C:\Users\Jan Stejskal\Downloads\backups
2017-03-16 00:19 - 2017-03-16 00:19 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jan Stejskal\Downloads\HijackThis.exe
2017-03-16 00:17 - 2017-03-16 00:17 - 00002586 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-03-16 00:17 - 2017-02-21 09:29 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-03-15 20:29 - 2017-03-15 20:29 - 03135616 _____ (ESET) C:\Users\Jan Stejskal\Downloads\A840102_eset_nod32_antivirus_live_installer.exe
2017-03-15 20:20 - 2017-03-15 20:20 - 00000000 ____D C:\Users\Jan Stejskal\AppData\Roaming\AVG
2017-03-15 20:16 - 2017-03-15 20:16 - 00000955 _____ C:\Users\Public\Desktop\AVG.lnk
2017-03-15 20:16 - 2017-03-15 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-03-15 20:13 - 2017-03-16 01:52 - 00003052 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-03-15 20:13 - 2017-03-16 00:16 - 00000000 ____D C:\Program Files (x86)\AVG
2017-03-15 20:12 - 2017-03-16 09:24 - 00000000 ____D C:\Users\Jan Stejskal\AppData\Local\AvgSetupLog
2017-03-15 20:12 - 2017-03-16 00:16 - 00000000 ____D C:\Users\Jan Stejskal\AppData\Local\Avg
2017-03-15 20:12 - 2017-03-16 00:16 - 00000000 ____D C:\ProgramData\Avg
2017-03-15 20:12 - 2017-03-15 20:12 - 03449440 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Jan Stejskal\Downloads\Antivirus_Free_1861.exe
2017-03-15 19:50 - 2017-03-15 19:50 - 00008402 _____ C:\Users\Jan Stejskal\Documents\cc_20170315_195003.reg
2017-03-15 19:27 - 2017-03-15 19:29 - 183035904 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E22.Jak.je.nutne.mit.Weinsteina.DVBT.XviD.CZ-dRTV.avi
2017-03-15 18:47 - 2017-03-15 18:47 - 00107076 _____ C:\Users\Jan Stejskal\Documents\cc_20170315_184744.reg
2017-03-15 18:45 - 2017-03-15 18:45 - 00002884 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-03-15 18:45 - 2017-03-15 18:45 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-03-15 18:45 - 2017-03-15 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-15 18:45 - 2017-03-15 18:45 - 00000000 ____D C:\Program Files\CCleaner
2017-03-15 18:44 - 2017-03-15 18:44 - 09274608 _____ (Piriform Ltd) C:\Users\Jan Stejskal\Downloads\ccsetup528.exe
2017-03-15 17:35 - 2017-03-15 17:35 - 00118825 _____ C:\Users\Jan Stejskal\Downloads\200507 (3).pdf
2017-03-15 17:35 - 2017-03-15 17:35 - 00021276 _____ C:\Users\Jan Stejskal\Downloads\Checklist_919523407991449.pdf
2017-03-15 14:32 - 2017-03-15 14:32 - 00125291 _____ C:\Users\Jan Stejskal\Downloads\200507 (2).pdf
2017-03-15 14:32 - 2017-03-15 14:32 - 00125291 _____ C:\Users\Jan Stejskal\Downloads\200507 (1).pdf
2017-03-15 14:32 - 2017-03-15 14:32 - 00020914 _____ C:\Users\Jan Stejskal\Downloads\Checklist_993299389031005.pdf
2017-03-15 13:58 - 2017-03-15 13:58 - 00123086 _____ C:\Users\Jan Stejskal\Downloads\200507.pdf
2017-03-15 13:58 - 2017-03-15 13:58 - 00024544 _____ C:\Users\Jan Stejskal\Downloads\Checklist_991180197972055.pdf
2017-03-15 12:53 - 2017-03-15 12:53 - 00258439 _____ C:\Users\Jan Stejskal\Downloads\20170314144723814.pdf
2017-03-15 11:04 - 2017-03-15 11:04 - 00084480 _____ C:\Users\Jan Stejskal\Downloads\095_Prehled_skoleni_CKOM.xls
2017-03-15 10:46 - 2017-03-15 10:47 - 21452494 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57854.zip
2017-03-15 10:34 - 2017-03-15 10:34 - 00520243 _____ C:\Users\Jan Stejskal\Downloads\Kupní smlouva - chata.pdf
2017-03-15 10:34 - 2017-03-15 10:34 - 00138723 _____ C:\Users\Jan Stejskal\Downloads\40_2_LV413320507.pdf
2017-03-14 19:43 - 2017-03-14 19:44 - 182499328 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E21.Nad.dopisy.divaku.DVBT.XviD.CZ-dRTV.avi
2017-03-14 14:02 - 2017-03-14 14:02 - 00073331 _____ C:\Users\Jan Stejskal\Downloads\79591279011.pdf
2017-03-14 12:50 - 2017-03-14 12:50 - 00074527 _____ C:\Users\Jan Stejskal\Downloads\79585593011.pdf
2017-03-14 12:48 - 2017-03-14 12:48 - 00073897 _____ C:\Users\Jan Stejskal\Downloads\79585504011.pdf
2017-03-14 12:47 - 2017-03-14 12:47 - 00073453 _____ C:\Users\Jan Stejskal\Downloads\79585453011.pdf
2017-03-14 12:45 - 2017-03-14 12:45 - 00073941 _____ C:\Users\Jan Stejskal\Downloads\79585348011.pdf
2017-03-14 12:43 - 2017-03-14 12:43 - 00073160 _____ C:\Users\Jan Stejskal\Downloads\79585212011.pdf
2017-03-14 12:41 - 2017-03-14 12:41 - 00073821 _____ C:\Users\Jan Stejskal\Downloads\79585026011.pdf
2017-03-14 12:34 - 2017-03-14 12:34 - 00073821 _____ C:\Users\Jan Stejskal\Downloads\79584709011.pdf
2017-03-14 12:32 - 2017-03-14 12:32 - 00076755 _____ C:\Users\Jan Stejskal\Downloads\79584515011.pdf
2017-03-14 12:27 - 2017-03-14 12:27 - 00073014 _____ C:\Users\Jan Stejskal\Downloads\79584370011.pdf
2017-03-14 12:24 - 2017-03-14 12:24 - 00073443 _____ C:\Users\Jan Stejskal\Downloads\79584229011.pdf
2017-03-14 12:23 - 2017-03-14 12:23 - 00073140 _____ C:\Users\Jan Stejskal\Downloads\79584120011.pdf
2017-03-14 12:22 - 2017-03-14 12:22 - 00074089 _____ C:\Users\Jan Stejskal\Downloads\79583915011.pdf
2017-03-14 11:06 - 2017-03-14 11:06 - 28277297 _____ (Oleg N. Scherbakov) C:\Users\Jan Stejskal\Downloads\NESetup2_1_25_6.exe
2017-03-14 10:28 - 2017-03-14 10:28 - 01037186 _____ (Česká Spořitelna a.s.) C:\Users\Jan Stejskal\Downloads\P24_Instalace_SW.exe
2017-03-14 10:27 - 2017-03-14 10:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf
2017-03-14 10:10 - 2017-03-14 10:10 - 15270537 _____ (Česká Spořitelna a.s.) C:\Users\Jan Stejskal\Downloads\P24_Instalace_HW.exe
2017-03-14 10:10 - 2017-03-14 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CS CryptoPlus v1.0
2017-03-14 10:10 - 2017-03-14 10:10 - 00000000 ____D C:\Program Files\CryptoPlus
2017-03-14 10:10 - 2017-03-14 10:10 - 00000000 ____D C:\Program Files (x86)\Partner24
2017-03-14 10:10 - 2017-03-14 10:10 - 00000000 ____D C:\Program Files (x86)\CryptoPlus
2017-03-14 09:35 - 2017-03-14 09:35 - 00002758 _____ C:\Users\Jan Stejskal\Downloads\QCA2264572.pem
2017-03-14 09:35 - 2017-03-14 09:35 - 00001964 _____ C:\Users\Jan Stejskal\Downloads\QCA2264572.crt
2017-03-14 09:32 - 2017-03-14 09:32 - 04670664 _____ C:\Users\Jan Stejskal\Downloads\iSignum (1).exe
2017-03-13 20:11 - 2017-03-13 20:13 - 182824960 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E20.Cesta.do.Evropy.DVBT.XviD.CZ-dRTV.avi
2017-03-13 16:35 - 2017-03-13 17:32 - 3850001403 _____ C:\Users\Jan Stejskal\Downloads\X-Men.Budouci.minulost.2014.720p.BluRay.x264.AC3.CZ.dabing.mkv
2017-03-13 16:01 - 2017-03-13 16:01 - 01155098 _____ C:\Users\Jan Stejskal\Desktop\Libocany - rizika.pdf
2017-03-13 14:11 - 2017-03-14 19:45 - 01056367 _____ C:\Users\Jan Stejskal\Desktop\Databáze-BJ.xlsx
2017-03-08 15:12 - 2017-03-08 15:12 - 00149444 _____ C:\Users\Jan Stejskal\Downloads\Untitled (30).tif
2017-03-08 13:54 - 2017-03-08 13:54 - 00069280 _____ C:\Users\Jan Stejskal\Downloads\vrabik (1).tif
2017-03-08 13:52 - 2017-03-08 13:52 - 00149444 _____ C:\Users\Jan Stejskal\Downloads\Untitled (29).tif
2017-03-08 13:33 - 2017-03-08 13:33 - 00149444 _____ C:\Users\Jan Stejskal\Downloads\Untitled (28).tif
2017-03-08 13:33 - 2017-03-08 13:33 - 00069280 _____ C:\Users\Jan Stejskal\Downloads\vrabik.tif
2017-03-08 13:31 - 2017-03-08 13:36 - 182931456 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E19.V.dobrem.i.ve.zlem.DVBT.XviD.CZ-dRTV.avi
2017-03-08 10:38 - 2017-03-08 12:41 - 1055654797 _____ C:\Users\Jan Stejskal\Downloads\X-Men-3-Posledni-vzdor-CZdab.mkv
2017-03-08 10:04 - 2017-03-08 10:04 - 09947184 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57756.zip
2017-03-08 09:09 - 2017-03-08 09:10 - 00362909 _____ C:\Users\Jan Stejskal\Downloads\f2 (28).pdf
2017-03-08 08:05 - 2017-03-08 08:05 - 06278436 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57770.zip
2017-03-07 22:02 - 2017-03-07 22:02 - 00367748 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57806.zip
2017-03-07 22:02 - 2017-03-07 22:02 - 00367748 _____ C:\Users\Jan Stejskal\Desktop\prilohy_57806.zip
2017-03-07 22:02 - 2017-03-07 22:02 - 00000000 ____D C:\Users\Jan Stejskal\Desktop\prilohy_57806
2017-03-07 11:09 - 2017-03-07 11:09 - 05561458 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57506.zip
2017-03-07 09:43 - 2017-03-07 09:43 - 10213691 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57722.zip
2017-03-07 09:28 - 2017-03-07 09:46 - 1960059582 _____ C:\Users\Jan Stejskal\Downloads\X-Men.2.2003.1080p.BRRip.x264.AC3.5.1.CZ.Dabing.mkv
2017-03-07 09:26 - 2017-03-07 09:27 - 182740992 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E18.Horka.chut.slavy.DVBT.XviD.CZ-dRTV.avi
2017-03-06 20:34 - 2017-03-06 20:34 - 00140951 _____ C:\Users\Jan Stejskal\Downloads\Zofová 2.pdf
2017-03-06 10:20 - 2017-03-06 10:21 - 182894592 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E16.Vanocni.silenstvi.DVBT.XviD.CZ-dRTV.avi
2017-03-06 09:54 - 2017-03-06 09:55 - 00010858 _____ C:\Users\Jan Stejskal\Downloads\inex1207 (8).xlsx
2017-03-05 13:42 - 2017-03-05 13:42 - 00141560 _____ C:\Users\Jan Stejskal\Downloads\Zofová LV.pdf
2017-03-05 12:57 - 2017-03-05 12:57 - 15432844 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57616.zip
2017-03-05 12:33 - 2017-03-05 13:27 - 2906346391 _____ C:\Users\Jan Stejskal\Downloads\X-Men-1-cz-2000-720p.mkv
2017-03-05 12:25 - 2017-03-05 12:26 - 182683648 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E15.Zdatny.invalida.DVBT.XviD.CZ-dRTV.avi
2017-03-05 11:51 - 2017-03-05 11:51 - 00000000 ____D C:\Users\Jan Stejskal\Desktop\Adele---25-Target-Deluxe-Edition-2015
2017-03-05 11:45 - 2017-03-05 11:45 - 22783574 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57618.zip
2017-03-05 10:12 - 2017-03-05 10:25 - 783303390 _____ C:\Users\Jan Stejskal\Downloads\Peaky.Blinders.S03E01.720p.HDTV.x264-CZ-tit.mp4
2017-03-04 23:22 - 2017-03-04 23:30 - 766113532 _____ C:\Users\Jan Stejskal\Downloads\Trollove-Trollovia-Trolls.2016.BDRip.XviD.CZ.dab.avi
2017-03-04 19:16 - 2017-03-04 19:53 - 1677678592 _____ C:\Users\Jan Stejskal\Downloads\X-Men---Prvni-trida-cz.avi
2017-03-03 14:16 - 2017-03-03 14:16 - 02525050 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57437.zip
2017-03-03 14:15 - 2017-03-03 14:15 - 08212444 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57441.zip
2017-03-03 14:14 - 2017-03-03 14:14 - 00254248 _____ C:\Users\Jan Stejskal\Downloads\smlouva o advokátní úschově - 01.pdf
2017-03-03 14:14 - 2017-03-03 14:14 - 00182717 _____ C:\Users\Jan Stejskal\Downloads\kupní smlouva - 01.pdf
2017-03-03 14:14 - 2017-03-03 14:14 - 00137942 _____ C:\Users\Jan Stejskal\Downloads\Honzák LV.pdf
2017-03-03 13:49 - 2017-03-03 13:49 - 00156829 _____ C:\Users\Jan Stejskal\Downloads\LV-Mráček.tif
2017-03-03 11:40 - 2017-03-03 11:45 - 182796288 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E14.Rodokmen.Griffinu.DVBT.XviD.CZ-dRTV.avi
2017-03-03 11:09 - 2017-03-03 11:09 - 00484317 _____ C:\Users\Jan Stejskal\Downloads\f2 (27).pdf
2017-03-03 10:17 - 2017-03-03 10:17 - 10428653 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57496.zip
2017-03-03 10:16 - 2017-03-03 10:16 - 00805370 _____ C:\Users\Jan Stejskal\Downloads\IMG_20170302_0001 (1).pdf
2017-03-02 21:14 - 2017-03-02 21:14 - 00675691 _____ C:\Users\Jan Stejskal\Downloads\F2 (26).pdf
2017-03-02 21:14 - 2017-03-02 21:14 - 00671657 _____ C:\Users\Jan Stejskal\Downloads\F3 (16).pdf
2017-03-02 21:14 - 2017-03-02 21:14 - 00663320 _____ C:\Users\Jan Stejskal\Downloads\F1 (35).pdf
2017-03-02 21:13 - 2017-03-02 21:14 - 00671657 _____ C:\Users\Jan Stejskal\Downloads\F3 (15).pdf
2017-03-02 13:27 - 2017-03-02 13:27 - 00182133 _____ C:\Users\Jan Stejskal\Downloads\lv (17).pdf
2017-03-02 11:42 - 2017-03-02 11:42 - 00695580 _____ C:\Users\Jan Stejskal\Downloads\3 (2).pdf
2017-03-02 11:29 - 2017-03-02 11:29 - 00695589 _____ C:\Users\Jan Stejskal\Downloads\3 (1).pdf
2017-03-02 11:29 - 2017-03-02 11:29 - 00676037 _____ C:\Users\Jan Stejskal\Downloads\1 (1).pdf
2017-03-02 11:00 - 2017-03-02 11:00 - 00805370 _____ C:\Users\Jan Stejskal\Downloads\IMG_20170302_0001.pdf
2017-03-02 09:56 - 2017-03-02 09:56 - 00298628 _____ C:\Users\Jan Stejskal\Downloads\triatlon16.xlsx
2017-03-02 09:10 - 2017-03-02 09:10 - 01964032 _____ C:\Users\Jan Stejskal\Downloads\UniCredit_6_6_2.xlt
2017-03-02 09:10 - 2017-03-02 09:10 - 01094742 _____ C:\Users\Jan Stejskal\Downloads\UniCredit_6_6_2.xltm
2017-03-02 09:01 - 2017-03-02 09:01 - 00539691 _____ C:\Users\Jan Stejskal\Downloads\04 - Dušek David - Oceňování věcných břemen (1).pdf
2017-03-02 09:00 - 2017-03-02 09:00 - 01021783 _____ C:\Users\Jan Stejskal\Downloads\UniCredit_6_6_21 (3).xlsm
2017-03-02 08:01 - 2017-03-02 08:05 - 182937600 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E13.Mizerny.cokl.DVBT.XviD.CZ-dRTV.avi
2017-02-28 22:36 - 2017-02-28 22:36 - 01786776 _____ C:\Users\Jan Stejskal\Downloads\Najemni_smlouva_Purkyneho.pdf
2017-02-28 14:24 - 2017-02-28 14:24 - 00710788 _____ C:\Users\Jan Stejskal\Downloads\IMG_20170222_0001.pdf
2017-02-28 14:24 - 2017-02-28 14:24 - 00140125 _____ C:\Users\Jan Stejskal\Downloads\Hanzelínová - LV.pdf
2017-02-28 12:30 - 2017-02-28 12:31 - 182599680 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E12.Hrdina.Chris.DVBT.XviD.CZ-dRTV.avi
2017-02-28 12:26 - 2017-02-28 12:27 - 181446704 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi-S03E11-Hon-na-spermii-by-Shini.avi
2017-02-28 11:24 - 2017-02-28 11:24 - 08265891 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57306 (1).zip
2017-02-28 11:01 - 2017-02-28 11:01 - 00889076 _____ C:\Users\Jan Stejskal\Downloads\LV ČERADICE 47 - KRAMPERA JAN.pdf
2017-02-27 14:59 - 2017-02-27 14:59 - 01021783 _____ C:\Users\Jan Stejskal\Downloads\UniCredit_6_6_21 (2).xlsm
2017-02-27 14:07 - 2017-02-27 14:07 - 08265891 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57306.zip
2017-02-27 09:16 - 2017-02-27 09:16 - 00139586 _____ C:\Users\Jan Stejskal\Downloads\LV_83.pdf
2017-02-26 18:21 - 2017-02-26 18:22 - 181428224 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E09.Rytir.sobotni.noci.DVBT.XviD.CZ-dRTV.avi
2017-02-26 14:52 - 2017-02-26 14:52 - 00151771 _____ C:\Users\Jan Stejskal\Downloads\ValuationReport (9).pdf
2017-02-26 13:47 - 2017-02-26 13:47 - 10443304 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57262.zip
2017-02-26 13:47 - 2017-02-26 13:47 - 01099087 _____ C:\Users\Jan Stejskal\Downloads\BJ č.p. 2101 v ul. Purkyněho v Žatci.xlsm
2017-02-26 12:31 - 2017-02-26 12:31 - 01096050 _____ C:\Users\Jan Stejskal\Downloads\BJ-č.p.-2663-v-ul.-Volyňských-Čechů-v-Žatci.xlsm
2017-02-26 12:29 - 2017-02-26 12:30 - 181448704 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E07.Smrtonosna.zbran.DVBT.XviD.CZ-dRTV.avi
2017-02-26 12:28 - 2017-02-26 12:28 - 08058486 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57268.zip
2017-02-26 10:54 - 2017-02-26 10:55 - 00141090 _____ C:\Users\Jan Stejskal\Downloads\LV_62.pdf
2017-02-26 10:48 - 2017-02-26 10:48 - 04542033 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57285 (1).zip
2017-02-26 10:45 - 2017-02-26 10:45 - 04542033 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57285.zip
2017-02-26 10:41 - 2017-02-26 10:41 - 00252822 _____ C:\Users\Jan Stejskal\Downloads\Výst. RD Račetice ZoSV č. 1.pdf
2017-02-25 21:23 - 2017-02-25 21:30 - 1457096624 _____ C:\Users\Jan Stejskal\Downloads\X-Men.Apokalypsa.2016.720p.BDRip.x264.CZ-S1LV3R.mkv
2017-02-25 16:13 - 2017-02-25 16:13 - 181436416 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E10.Ryba.na.suchu.DVBT.XviD.CZ-dRTV.avi
2017-02-25 11:35 - 2017-02-25 11:35 - 110952448 _____ (Tracker Software Products (Canada) Ltd.) C:\Users\Jan Stejskal\Desktop\PDF-XChange-Editor.exe
2017-02-25 11:35 - 2017-02-25 11:35 - 00000000 ____D C:\Users\Jan Stejskal\AppData\Roaming\Thinstall
2017-02-25 11:35 - 2017-02-25 11:35 - 00000000 ____D C:\Users\Jan Stejskal\AppData\Local\Thinstall
2017-02-25 11:28 - 2017-02-25 11:35 - 110952448 _____ (Tracker Software Products (Canada) Ltd.) C:\Users\Jan Stejskal\Downloads\PDF-XChange-Editor.exe
2017-02-25 10:54 - 2017-02-25 10:54 - 01038645 _____ C:\Users\Jan Stejskal\Downloads\IMG_20170224_0001.pdf
2017-02-25 10:42 - 2017-02-25 10:42 - 10884876 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57256.zip
2017-02-25 09:53 - 2017-02-25 09:53 - 14580381 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57222.zip
2017-02-25 09:19 - 2017-02-25 09:19 - 00420940 _____ C:\Users\Jan Stejskal\Downloads\NT1 (3).PDF
2017-02-25 09:10 - 2017-02-25 09:10 - 00883363 _____ C:\Users\Jan Stejskal\Downloads\f2 (25).pdf
2017-02-25 09:04 - 2017-02-25 09:04 - 00883296 _____ C:\Users\Jan Stejskal\Downloads\f2 (24).pdf
2017-02-25 09:04 - 2017-02-25 09:04 - 00676557 _____ C:\Users\Jan Stejskal\Downloads\f1 (34).pdf
2017-02-25 09:04 - 2017-02-25 09:04 - 00240718 _____ C:\Users\Jan Stejskal\Downloads\f3 (14).pdf
2017-02-25 08:12 - 2017-02-25 08:13 - 181456896 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E06.Smrt.zije.DVBT.XviD.CZ-dRTV.avi
2017-02-25 08:11 - 2017-02-25 08:11 - 13249463 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57216.zip
2017-02-24 22:42 - 2017-02-24 22:44 - 355702227 _____ C:\Users\Jan Stejskal\Downloads\Peaky-Blinders-02x06-tcz.mp4
2017-02-23 17:13 - 2017-02-23 17:14 - 181411840 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E05.A.vitezem.se.stava...DVBT.XviD.CZ-dRTV.avi
2017-02-23 13:30 - 2017-02-23 13:30 - 04863388 _____ C:\Users\Jan Stejskal\Downloads\Smlouva o smlouvě budoucí kupní.pdf
2017-02-23 13:30 - 2017-02-23 13:30 - 00136316 _____ C:\Users\Jan Stejskal\Downloads\LV BJ účel HU.pdf
2017-02-23 13:30 - 2017-02-23 13:30 - 00135473 _____ C:\Users\Jan Stejskal\Downloads\LV BJ dozajištění.pdf
2017-02-23 12:33 - 2017-02-23 12:33 - 00362025 _____ C:\Users\Jan Stejskal\Downloads\f7.pdf
2017-02-23 12:33 - 2017-02-23 12:33 - 00292275 _____ C:\Users\Jan Stejskal\Downloads\f2 (23).pdf
2017-02-23 12:33 - 2017-02-23 12:33 - 00287124 _____ C:\Users\Jan Stejskal\Downloads\f8.pdf
2017-02-23 12:33 - 2017-02-23 12:33 - 00287124 _____ C:\Users\Jan Stejskal\Downloads\f8 (1).pdf
2017-02-23 12:33 - 2017-02-23 12:33 - 00199743 _____ C:\Users\Jan Stejskal\Downloads\f9.pdf
2017-02-23 08:27 - 2017-02-23 08:27 - 13546627 _____ C:\Users\Jan Stejskal\Downloads\prilohy_56790.zip
2017-02-22 18:11 - 2017-02-22 18:16 - 1447659546 _____ C:\Users\Jan Stejskal\Downloads\Angry-Birds-ve-filmu---Angry-Birds-2016-CZ-a-SK-Dab.BRRip.XviD.avi
2017-02-22 18:11 - 2016-07-28 19:45 - 826982400 _____ C:\Users\Jan Stejskal\Desktop\Gnomeo-a-Julie-2011-CZdub-Animovany-Dobrodruzny-Romanticky-Komedie-By-Locika.avi
2017-02-22 17:50 - 2017-02-22 17:53 - 848044878 _____ C:\Users\Jan Stejskal\Downloads\Angry-Birds-ve-filmu-2016-cz-dab..avi
2017-02-22 16:29 - 2017-02-22 16:33 - 182130688 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E04.Skeble.domov.nas.DVBT.XviD.CZ-dRTV.avi
2017-02-22 14:50 - 2017-02-22 14:50 - 03985855 _____ C:\Users\Jan Stejskal\Downloads\IMG_1695.MOV
2017-02-22 12:50 - 2017-02-22 12:50 - 01961636 _____ C:\Users\Jan Stejskal\Downloads\IMG_0628.MOV
2017-02-22 12:49 - 2017-02-22 12:49 - 05175712 _____ C:\Users\Jan Stejskal\Downloads\IMG_0620.MOV
2017-02-22 11:39 - 2017-02-22 11:39 - 11043326 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57030.zip
2017-02-22 08:55 - 2017-02-22 08:55 - 19870217 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57131.zip
2017-02-22 07:56 - 2017-02-22 07:58 - 181733376 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E02.Brian.dobyva.Hollywood.DVBT.XviD.CZ-dRTV.avi
2017-02-21 17:18 - 2017-02-21 17:18 - 20293242 _____ C:\Users\Jan Stejskal\Downloads\prilohy_57007.zip
2017-02-21 16:27 - 2017-02-21 16:27 - 00737282 _____ C:\Users\Jan Stejskal\Downloads\20170221120557004.pdf
2017-02-21 14:04 - 2017-02-21 14:04 - 02405459 _____ C:\Users\Jan Stejskal\Downloads\Leták A5 - Půjčovna vysoušečů kopie.pdf
2017-02-20 23:07 - 2017-02-20 23:19 - 307039357 _____ C:\Users\Jan Stejskal\Downloads\Peaky-Blinders-02x05-tcz.mp4
2017-02-20 21:11 - 2017-02-20 21:30 - 332644529 _____ C:\Users\Jan Stejskal\Downloads\Peaky-Blinders-02x04-tcz.mp4
2017-02-20 20:23 - 2017-02-20 20:23 - 01065561 _____ C:\Users\Jan Stejskal\Downloads\scan_174746.pdf
2017-02-20 20:22 - 2017-02-20 20:22 - 00140831 _____ C:\Users\Jan Stejskal\Downloads\40_2_LV395160507.pdf
2017-02-20 14:54 - 2017-02-20 14:54 - 00428741 _____ C:\Users\Jan Stejskal\Downloads\f2 (22).pdf
2017-02-20 12:14 - 2017-02-20 12:14 - 11982277 _____ C:\Users\Jan Stejskal\Downloads\prilohy_56879.zip
2017-02-20 09:21 - 2017-02-20 09:22 - 13166698 _____ C:\Users\Jan Stejskal\Downloads\prilohy_56941.zip
2017-02-20 08:56 - 2017-02-20 08:57 - 01272087 _____ C:\Users\Jan Stejskal\Downloads\pov.mapy_CAP (10).pdf
2017-02-19 18:42 - 2017-02-19 18:43 - 16159485 _____ C:\Users\Jan Stejskal\Downloads\prilohy_56977.zip
2017-02-19 17:48 - 2017-02-19 17:48 - 10150917 _____ C:\Users\Jan Stejskal\Downloads\prilohy_56976.zip
2017-02-19 08:08 - 2017-02-19 08:08 - 11213438 _____ C:\Users\Jan Stejskal\Downloads\prilohy_56897.zip
2017-02-18 19:01 - 2017-02-18 19:12 - 181377072 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi-S03E03-Pan-Griffin-jede-do-Washingtonu-by-Shini.avi
2017-02-17 22:48 - 2017-02-17 23:04 - 318579909 _____ C:\Users\Jan Stejskal\Downloads\Peaky-Blinders-02x03-tcz.mp4
2017-02-17 12:01 - 2017-02-17 12:02 - 181633024 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S03E01.Tenka.bila.linie.DVBT.XviD.CZ-dRTV.avi
2017-02-17 11:49 - 2017-02-17 11:49 - 06050790 _____ C:\Users\Jan Stejskal\Downloads\prilohy_56812.zip
2017-02-17 11:46 - 2017-02-17 11:46 - 00143247 _____ C:\Users\Jan Stejskal\Downloads\LV (16).pdf
2017-02-17 11:43 - 2017-02-17 11:44 - 00182501 _____ C:\Users\Jan Stejskal\Downloads\scan_170208.pdf
2017-02-17 11:06 - 2017-02-17 11:06 - 00139849 _____ C:\Users\Jan Stejskal\Downloads\Jirásek LV.pdf
2017-02-17 10:57 - 2017-02-17 10:56 - 00803504 _____ C:\Users\Jan Stejskal\Desktop\VTP trikolka II.jpeg.jpeg
2017-02-17 10:57 - 2017-02-17 10:56 - 00732275 _____ C:\Users\Jan Stejskal\Desktop\VTP trikolka I.jpeg
2017-02-16 22:51 - 2017-02-16 23:10 - 458372180 _____ C:\Users\Jan Stejskal\Downloads\Peaky-Blinders---02x02---TVrip-a-tit---CZ.avi
2017-02-16 14:59 - 2017-02-16 15:00 - 181706752 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S02E13.Cesta.na.Rhode.Island.DVBT.XviD.CZ-dRTV.avi
2017-02-16 12:36 - 2017-02-16 12:36 - 01911492 _____ C:\Users\Jan Stejskal\Downloads\smlouva dum.pdf
2017-02-16 12:36 - 2017-02-16 12:36 - 00114095 _____ C:\Users\Jan Stejskal\Downloads\LV (15).pdf
2017-02-16 10:49 - 2017-02-16 10:49 - 10568633 _____ C:\Users\Jan Stejskal\Downloads\prilohy_56830.zip
2017-02-15 17:21 - 2017-02-15 17:21 - 00703166 _____ C:\Users\Jan Stejskal\Downloads\3.pdf
2017-02-15 17:21 - 2017-02-15 17:21 - 00694428 _____ C:\Users\Jan Stejskal\Downloads\2.pdf
2017-02-15 17:21 - 2017-02-15 17:21 - 00694428 _____ C:\Users\Jan Stejskal\Downloads\2 (1).pdf
2017-02-15 17:21 - 2017-02-15 17:21 - 00676299 _____ C:\Users\Jan Stejskal\Downloads\1.pdf
2017-02-15 17:15 - 2017-02-15 17:41 - 969711616 _____ C:\Users\Jan Stejskal\Downloads\Mupeti-rodinna-komedie-USA--2011-102min..avi
2017-02-15 13:10 - 2017-02-15 13:10 - 00054517 _____ C:\Users\Jan Stejskal\Downloads\CUZK_718289_LV_692_201702131055.PDF
2017-02-14 23:40 - 2017-02-14 23:49 - 290708200 _____ C:\Users\Jan Stejskal\Downloads\Peaky-Blinders-02x01-tcz.mp4
2017-02-14 15:56 - 2017-02-14 15:56 - 00929029 _____ C:\Users\Jan Stejskal\Downloads\Eva Čajanová - odhad.pdf
2017-02-14 15:55 - 2017-02-14 15:55 - 00372844 _____ C:\Users\Jan Stejskal\Downloads\20170210153007686 (1).pdf
2017-02-14 14:37 - 2017-02-14 14:37 - 00073517 _____ C:\Users\Jan Stejskal\Downloads\78446828011.pdf
2017-02-14 12:49 - 2017-02-14 12:49 - 00025925 _____ C:\Users\Jan Stejskal\Downloads\Objednávka odhadu UNI 1 (1).ods
2017-02-14 12:48 - 2017-02-14 12:48 - 00109109 _____ C:\Users\Jan Stejskal\Downloads\LV cesta.pdf
2017-02-14 12:48 - 2017-02-14 12:48 - 00107317 _____ C:\Users\Jan Stejskal\Downloads\LV sad.pdf
2017-02-14 12:15 - 2017-02-14 12:16 - 181553152 _____ C:\Users\Jan Stejskal\Downloads\Griffinovi.S02E12.Patnact.minut.hanby.DVBT.XviD.CZ-dRTV.avi
2017-02-14 11:59 - 2017-02-14 11:59 - 01158582 _____ C:\Users\Jan Stejskal\Downloads\svitilova103632 (1).pdf
2017-02-14 11:48 - 2017-02-14 11:48 - 09208997 _____ C:\Users\Jan Stejskal\Downloads\prilohy_56613 (1).zip
2017-02-14 11:46 - 2017-02-14 11:46 - 09208997 _____ C:\Users\Jan Stejskal\Downloads\prilohy_56613.zip
2017-02-14 10:58 - 2017-02-14 10:58 - 08003378 _____ C:\Users\Jan Stejskal\Downloads\prilohy_56645.zip
2017-02-14 10:44 - 2017-02-14 10:44 - 00144328 _____ C:\Users\Jan Stejskal\Downloads\LV (14).pdf
2017-02-14 00:33 - 2017-02-14 00:41 - 316290778 _____ C:\Users\Jan Stejskal\Downloads\Hovory-H-jeste-po-20-letech-02-Dotazy.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-16 09:31 - 2016-03-12 22:04 - 00000000 ____D C:\Users\Jan Stejskal\AppData\Roaming\vlc
2017-03-16 09:21 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-03-16 09:21 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-16 09:02 - 2016-10-05 21:52 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-16 01:52 - 2016-10-05 22:23 - 00002762 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2017-03-16 01:48 - 2016-05-06 16:46 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2017-03-16 01:19 - 2016-11-21 10:02 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-16 01:11 - 2016-10-05 22:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-16 01:11 - 2016-10-05 21:56 - 00000000 ____D C:\ProgramData\Validity
2017-03-16 01:11 - 2016-10-05 21:55 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-16 01:11 - 2016-03-10 21:46 - 00000000 __SHD C:\Users\Jan Stejskal\IntelGraphicsProfiles
2017-03-16 01:10 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-03-16 00:44 - 2016-03-29 12:18 - 00000000 ____D C:\WINDOWS\system32\log
2017-03-16 00:19 - 2016-03-10 21:45 - 00000000 ____D C:\Users\Jan Stejskal\AppData\Local\VirtualStore
2017-03-15 19:47 - 2016-03-14 20:38 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2017-03-15 19:35 - 2016-10-05 22:50 - 00000000 ___DC C:\WINDOWS\Panther
2017-03-15 19:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-15 19:35 - 2016-03-10 21:07 - 00000000 ____D C:\Users\Jan Stejskal\AppData\Roaming\DAEMON Tools Lite
2017-03-15 18:14 - 2016-10-05 22:01 - 00000000 ____D C:\Users\Jan Stejskal
2017-03-15 15:44 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-15 10:31 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-15 09:05 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-14 11:07 - 2016-03-11 17:21 - 00001195 _____ C:\Users\Jan Stejskal\Desktop\Nový NEMExpress.lnk
2017-03-14 11:07 - 2016-03-11 17:21 - 00000000 ____D C:\Users\Jan Stejskal\Documents\Posudky a Odhady
2017-03-13 16:01 - 2016-03-20 12:22 - 00000000 ____D C:\Users\Jan Stejskal\Documents\pdfFactory
2017-03-08 09:34 - 2016-03-17 11:04 - 00000343 _____ C:\WINDOWS\BRRBCOM.INI
2017-03-06 20:38 - 2016-05-19 11:51 - 00000000 ___RD C:\Users\Jan Stejskal\Documents\Scanned Documents
2017-03-06 10:14 - 2016-03-12 11:42 - 00000000 ____D C:\Users\Jan Stejskal\AppData\Local\ElevatedDiagnostics
2017-03-05 13:20 - 2016-05-25 17:36 - 00000000 ____D C:\Users\Jan Stejskal\Desktop\Posudky a Odhady
2017-03-03 11:21 - 2017-01-27 08:40 - 00003304 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-03 11:21 - 2016-03-10 21:49 - 00002404 _____ C:\Users\Jan Stejskal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-03 11:21 - 2016-03-10 21:49 - 00000000 ___RD C:\Users\Jan Stejskal\OneDrive
2017-02-23 21:00 - 2016-03-12 11:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 20:58 - 2016-03-12 11:06 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

Some files in TEMP:
====================
2016-10-19 16:11 - 2016-10-19 16:11 - 2458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Jan Stejskal\AppData\Local\Temp\libeay32.dll
2016-10-19 16:11 - 2016-10-19 16:11 - 0970912 _____ (Microsoft Corporation) C:\Users\Jan Stejskal\AppData\Local\Temp\msvcr120.dll
2016-10-19 16:11 - 2016-10-19 16:11 - 0772672 _____ () C:\Users\Jan Stejskal\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-01 22:46

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Jan Stejskal (16-03-2017 09:34:47)
Running from C:\Users\Jan Stejskal\Downloads
Windows 10 Home Version 1607 (X64) (2016-10-05 21:26:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-20002027-273994422-1878103601-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-20002027-273994422-1878103601-503 - Limited - Disabled)
Guest (S-1-5-21-20002027-273994422-1878103601-501 - Limited - Disabled)
Jan Stejskal (S-1-5-21-20002027-273994422-1878103601-1001 - Administrator - Enabled) => C:\Users\Jan Stejskal

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.13 (x64) (HKLM\...\7-Zip) (Version: 15.13 - Igor Pavlov)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Skybox Labs)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.162.2.62416 - AVG Technologies)
AVG (Version: 1.162.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.74.1 - AVG Technologies) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Battlefield 4 Update 1 (HKLM-x32\...\QmF0dGxlZmllbGQ0_is1) (Version: 1 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Catalyst Control Center Next Localization BR (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0429.1515.25621 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6_is1) (Version: - )
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPCSi_1_1_31_PPT (HKLM\...\{A3F9B37E-F67E-44B7-9F68-634376F3A600}) (Version: 1.1.31.16455 - Monet+, a.s.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)
Elevated Installer (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
FMW 1 (Version: 1.172.2 - AVG Technologies) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{2CDA0D13-ED4D-4E66-B920-9AE696F9992E}) (Version: 1.1.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{766FF18A-4032-48D0-8BEA-3CF73624BB69}) (Version: 6.2.4.1 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{BB51845C-10A6-457F-A215-9B2D3E130889}) (Version: 3.6.2.0 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{C9F1F770-9A43-4BC1-9C8F-DEE6C9A91F4A}) (Version: 12.5.32.203 - Hewlett-Packard Company)
ImageVisu 4.0.2 (HKLM-x32\...\ImageVisu_is1) (Version: 4.0.2 - GeoVisu)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NemExpress (HKLM-x32\...\NemExpress) (Version: NemExpress version 1.11 - PLUTO-OLT spol. s r. o.)
Nuance PaperPort 12 (HKLM-x32\...\{CEB2E185-0481-4926-A976-2EB48D55B366}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Partner24 (HKLM-x32\...\Partner24) (Version: 1.7.1 - Česká Spořitelna a.s.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: 5.15 - FinePrint Software, LLC)
PEKI dictionary 1.21 (HKLM-x32\...\PEKI dictionary) (Version: 1.21 - Pavel Ponec)
Pure Pinball Demo (HKLM-x32\...\Pure Pinball Demo) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7561 - Realtek Semiconductor Corp.)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Scansoft PDF Professional (x32 Version: - ) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.16 - Synaptics Incorporated)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.8.0 (HKLM\...\VulkanRT1.0.8.0) (Version: 1.0.8.0 - LunarG, Inc.)
Webshare uploader (HKLM-x32\...\WebshareDLC) (Version: - Webshare)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {001F1252-C96C-4E58-92AE-C673A48CCD12} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-01-16] ()
Task: {03DB7889-E907-465C-B9E6-364361AD2A16} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {1D5ACD32-4B04-4B4B-B65F-66F23715E083} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {31F27061-7DCC-4DFE-A072-57498EED7702} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Jan Stejskal\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {4B8D2F0C-A429-430C-9DFD-00B3C79EC06C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {52A0C233-158C-4CAB-880C-5255148D41E6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {55BB30EE-6546-48DA-9398-FE8FB9D39FF1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {7210C169-DB1E-4C6F-8705-52A8FC53C99A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-10] (Google Inc.)
Task: {7C5C11D4-B904-4BE0-B296-ADA5E26A2DC6} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {8CB01AC9-BABC-4FD7-8DE1-95E891575616} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-04-29] (Advanced Micro Devices, Inc.)
Task: {94938DA4-1135-4B96-82B9-726D11B5D3DE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {A81C88D8-F275-42CF-A5F7-86AF09CC89E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {C42229FE-340B-47A2-931A-C2E9AB260A11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {C4B95895-DEB2-414F-ABD0-71E690CB63AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-10] (Google Inc.)
Task: {D3FA9334-595F-4EA1-82DA-0AC430D43934} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {E8EF9E5C-87C8-4156-A1CA-97FC02F104E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {E9804FEE-E121-46E3-96D5-64F76862AFE5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-13 20:49 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-13 20:49 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-09-23 20:25 - 2015-09-23 20:25 - 00414120 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-06-10 17:33 - 2015-06-10 17:33 - 00022528 _____ () C:\WINDOWS\system32\fpCSEvtSvc.exe
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-11-08 18:14 - 2016-11-08 18:14 - 00326144 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2017-01-16 14:43 - 2017-01-16 14:43 - 00073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-03-15 20:13 - 2017-03-15 20:13 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2016-11-21 10:06 - 2017-02-03 02:42 - 00668960 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-11-21 10:06 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-11-21 10:06 - 2017-03-13 23:04 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2016-11-21 10:05 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-11-21 10:05 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-11-21 10:05 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-11-21 10:05 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-11-21 10:05 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-11-21 10:05 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-11-21 10:05 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-11-21 10:06 - 2017-03-13 23:04 - 00838944 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-11-21 10:05 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-13 22:14 - 2017-01-30 22:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-11-21 10:06 - 2017-03-13 23:04 - 00383776 _____ () C:\Program Files (x86)\Steam\steam.dll
2016-12-13 20:49 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\iaStorB.sys:com.dropbox.attributes [168]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\iaStorS.sys:com.dropbox.attributes [168]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rccfg.sys:com.dropbox.attributes [168]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rcraid.sys:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Jan Stejskal\Desktop\Ford VTP I.jpeg.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Jan Stejskal\Desktop\Ford VTP I.jpeg.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Jan Stejskal\Desktop\Ford VTP II.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Jan Stejskal\Desktop\Ford VTP II.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Jan Stejskal\Desktop\VTP trikolka I.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Jan Stejskal\Desktop\VTP trikolka I.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Jan Stejskal\Desktop\VTP trikolka II.jpeg.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Jan Stejskal\Desktop\VTP trikolka II.jpeg.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\garmin.com -> hxxps://my.garmin.com
IE trusted site: HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\garmin.com -> hxxp://my.garmin.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-20002027-273994422-1878103601-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "QLBController"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-20002027-273994422-1878103601-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CFC728E3-A6DF-4C4D-BA51-25EAA73054B7}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{C0F27F59-2DDE-491B-ABEA-C6D3CE6C305D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{0EFCDBD2-2091-4AD8-B23E-8DBA9C6EDCF3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{E785930A-5468-43A6-B531-1B9CF2BB258B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{C49EB0FC-F6F9-46F1-9990-C076085608EE}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{27A47CE7-2C60-4CD0-BF39-9566DED95FF9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{7394270A-EC6B-49FE-AFDF-499A8992B7EB}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{6FA43311-9D59-471C-91CC-DF43717C5485}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{475AE6D5-E001-4D72-9714-B0EC7A1C9110}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{9908B39D-0E47-4134-B6CE-BFB1603C79F4}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{158F210F-CFEF-4379-9454-06A727675369}] => (Allow) C:\Games\World_of_Tanks\WorldOfTanks.exe
FirewallRules: [{CC9E6655-4831-424C-B9E2-824D437CB1AA}] => (Allow) C:\Games\World_of_Tanks\WorldOfTanks.exe
FirewallRules: [{E8B0C5F3-13E1-4CDE-90D2-6CB5BFAFA2E7}] => (Allow) C:\Games\World_of_Tanks\WorldOfTanks.exe
FirewallRules: [{1A99A1F1-A8B5-4903-A358-318967E8F923}] => (Allow) C:\Games\World_of_Tanks\WorldOfTanks.exe
FirewallRules: [{0E2ED388-B822-4F2E-8EF5-62F260894B25}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{CE8D35C7-7268-40EC-B5E2-F84B6F78B746}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{4B794401-4F0B-455A-B2D2-1B1CDB7E058F}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{A3DD5345-E1D2-45DF-B39E-81AB1A086120}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{678CB19E-7094-48D9-B5BD-1EE63B57FB42}] => (Allow) C:\Battlefield 4\bf4.exe
FirewallRules: [{06FDA3BF-083E-45E0-8FD8-7849DCB44C32}] => (Allow) C:\Battlefield 4\bf4.exe
FirewallRules: [{8268365D-00DF-4ABF-8A94-7661F3BA339C}] => (Allow) C:\Battlefield 4\bf4_x86.exe
FirewallRules: [{84ACD684-3B70-4CFB-8AEF-31E60E39E2E9}] => (Allow) C:\Battlefield 4\bf4_x86.exe
FirewallRules: [{CDECE613-7B80-4770-95A1-72C56113E5EF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1E5FFA62-2091-4552-B82B-309B6822DDDF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1DFDA12A-1265-4109-BE45-3FF3442CF416}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{D182FA34-799A-4A37-B7C9-59E780988C88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{16E2C629-DCD2-4E52-A016-2EE2DAA672C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7DE94F41-1A92-48A7-ACA1-7AD8B85AAC06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4E0FBC25-82EE-42C7-8E8E-DF9D43E993DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{4C73C3F8-51E0-45A1-8A64-AF0285667D88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3B5B6C7F-D4CF-442E-861A-812F1C208A89}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F846653E-CF0A-458A-BF6A-AF19BDE9FA4D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8F640844-6E86-4F90-B4F3-4D2801929FCA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8496EE99-EF73-4EEA-94A1-AAAB08324DFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{0E4A9444-4FA2-4CBB-B3A7-D670956C55BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{C373840D-619B-450C-988C-F847D8B3574E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{27104539-DD45-4B8A-BDFE-D480F1FEDB7A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{EF800C5F-AC2F-4F08-B54C-2C48FE86EF60}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{9744C581-D253-48AA-9C52-B2F7B6335C9C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe

==================== Restore Points =========================

21-02-2017 16:38:35 Naplánovaný kontrolní bod
02-03-2017 08:27:18 Naplánovaný kontrolní bod
13-03-2017 13:55:26 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2017 09:32:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AVKCE7F)
Description: Aplikaci Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/16/2017 09:32:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AVKCE7F)
Description: Aplikaci Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/16/2017 09:32:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AVKCE7F)
Description: Aplikaci Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/16/2017 09:32:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Music.UI.exe, verze: 10.17012.1031.0, časové razítko: 0x58b8f845
Název chybujícího modulu: Music.UI.exe, verze: 10.17012.1031.0, časové razítko: 0x58b8f845
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000f4e5a9
ID chybujícího procesu: 0xa64
Čas spuštění chybující aplikace: 0x01d29e2fdc7d04bc
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17012.10311.0_x64__8wekyb3d8bbwe\Music.UI.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17012.10311.0_x64__8wekyb3d8bbwe\Music.UI.exe
ID zprávy: 604663b4-c913-4b85-9891-04ba3aa49d78
Úplný název chybujícího balíčku: Microsoft.ZuneMusic_10.17012.10311.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: Microsoft.ZuneMusic

Error: (03/16/2017 09:32:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Video.UI.exe, verze: 10.17012.1030.0, časové razítko: 0x58a42d56
Název chybujícího modulu: Video.UI.exe, verze: 10.17012.1030.0, časové razítko: 0x58a42d56
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000bfb4ef
ID chybujícího procesu: 0x194c
Čas spuštění chybující aplikace: 0x01d29e2fdc4fc5b2
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
ID zprávy: e0b482ae-8eb9-44ca-b200-7aa937a88dfc
Úplný název chybujícího balíčku: Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: Microsoft.ZuneVideo

Error: (03/16/2017 09:25:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AVKCE7F)
Description: Aplikaci Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/16/2017 09:25:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.14393.447, časové razítko: 0x5819bf85
Název chybujícího modulu: ShellExperienceHost.exe, verze: 10.0.14393.447, časové razítko: 0x5819bf85
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000022e27
ID chybujícího procesu: 0x1ea4
Čas spuštění chybující aplikace: 0x01d29e2edaf235d7
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
ID zprávy: d292ea3f-4fc6-4126-bdb7-ee92cf71321f
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (03/16/2017 09:23:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AVKCE7F)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/16/2017 09:21:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AVKCE7F)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/16/2017 09:21:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AVKCE7F)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (03/16/2017 09:32:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AVKCE7F)
Description: Server App.AppX85gcbw533amccd2rr8qswxymhfj649t2.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/16/2017 09:32:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AVKCE7F)
Description: Server Microsoft.ZuneMusic.AppXg7frm9cyrqhbagxce6zrshkx8fn0ycca.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/16/2017 09:32:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AVKCE7F)
Description: Server Microsoft.ZuneVideo.AppXjgy0dfr6tssa93yj5px65cbv2gsc8r39.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/16/2017 09:28:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AVG PC TuneUp Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 250 milisekund: Restartovat službu.

Error: (03/16/2017 09:28:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2017 09:25:23 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AVKCE7F)
Description: Server App se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/16/2017 09:23:35 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AVKCE7F)
Description: Server microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/16/2017 09:21:47 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AVKCE7F)
Description: Server CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/16/2017 09:21:17 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AVKCE7F)
Description: Server CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/16/2017 09:17:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AVKCE7F)
Description: Server CortanaUI se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================
Date: 2017-03-15 22:10:54.348
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-03-15 16:34:54.322
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-03-04 21:37:57.266
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-28 00:27:11.738
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-15 23:39:58.261
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-05 23:46:51.587
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-04 22:30:13.601
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-02 00:13:11.274
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-28 00:53:28.371
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-20 02:53:47.900
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 33%
Total physical RAM: 3987.11 MB
Available physical RAM: 2662.07 MB
Total Virtual: 5523.11 MB
Available Virtual: 3612.15 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.18 GB) (Free:379.41 GB) NTFS
Drive i: (ZÁLOHA 2016) (Removable) (Total:59.73 GB) (Free:47.21 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 59.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Addition could not be attached. Thanks, H.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Antimalware service executable

#4 Post by Márty84 »

And what exactly is the problem? Can you describe it in more detail?

Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it may also be found here: C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.

Run a scan with MBAM. Set up the test according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

pan HANS
Visitor
Posts: 3
Registered: 16 Mar 2017 01:17

Re: Antimalware service executable

#5 Post by pan HANS »

The problem is that this process puts an incredible load on the CPU, and sometimes on the disk as well. The computer then responds very slowly, almost not at all. This was already dealt with here years ago; I struggled with it back then too, and disabling Win Defender in Task Scheduler helped, but now that no longer helps. Below I am sending the scans; I already ran AdwCleaner last time, but I repeated it as instructed.
# AdwCleaner v6.044 - Log vytvořen 16/03/2017 v 10:27:20
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-15.2 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Jan Stejskal - DESKTOP-AVKCE7F
# Spuštěno z : C:\Users\Jan Stejskal\Downloads\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3648 Bajty] - [16/03/2017 00:45:13]
C:\AdwCleaner\AdwCleaner[C2].txt - [890 Bajty] - [16/03/2017 10:27:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [3681 Bajty] - [16/03/2017 00:38:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [1534 Bajty] - [16/03/2017 10:26:58]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1108 Bajty] ##########

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 16.03.17
Čas skenování: 10:34
Logovací soubor: MBAM.txt
Správce: Ano

-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.75
Aktualizovat verzi balíku komponent: 1.0.1513
Licence: Zkušební

-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-AVKCE7F\Jan Stejskal

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 398282
Uplynulý čas: 4 hod, 41 min, 13 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.YesSearches.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, Žádná uživatelská akce, [741], [305912],1.0.1513

Hodnota v registru: 5
PUM.Optional.MSExclusion, HKLM\SOFTWARE\MICROSOFT\WINDOWS DEFENDER\EXCLUSIONS\PROCESSES|SVCHOST.EXE, Žádná uživatelská akce, [15449], [250909],1.0.1513
PUP.Optional.YesSearches.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|HP, Žádná uživatelská akce, [741], [305912],1.0.1513
PUP.Optional.YesSearches.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|TAB, Žádná uživatelská akce, [741], [305912],1.0.1513
PUP.Optional.YesSearches.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|SP, Žádná uživatelská akce, [741], [305912],1.0.1513
PUP.Optional.YesSearches.YSSRHS1, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|SURL, Žádná uživatelská akce, [741], [305912],1.0.1513

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 1
PUP.Optional.OpenCandy, C:\USERS\JAN STEJSKAL\DOWNLOADS\CDBXP_SETUP_4.5.6.5931.EXE, Žádná uživatelská akce, [646], [151286],1.0.1513

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Thank you, H.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Antimalware service executable

#6 Post by Márty84 »

Have all the findings removed. After the removal and a PC restart, repeat the MBAM test (a threat scan is enough this time) so that we know whether it comes back. Post the test result and I will choose the next step based on it.