VIRY.CZ

GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-03-13 16:08:47
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002b ST1000LM024_HN-M101MBB rev.2AR10001 931,51GB
Running: gmer.exe; Driver: C:\Users\Slamak\AppData\Local\Temp\kwlcruod.sys


---- Disk sectors - GMER 2.2 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\svchost.exe [832:936] 00007fffe0c4f950
Thread C:\WINDOWS\system32\svchost.exe [832:940] 00007fffe0c4ed20
Thread C:\WINDOWS\system32\svchost.exe [832:952] 00007fffe0a48ae0
Thread C:\WINDOWS\system32\svchost.exe [516:1156] 00007fffdcd9a770
Thread C:\WINDOWS\system32\svchost.exe [516:3956] 00007fffd1bdac90
Thread C:\WINDOWS\system32\svchost.exe [516:3968] 00007fffd1bd3590
Thread C:\WINDOWS\system32\svchost.exe [516:68] 00007fffd0449040
Thread C:\WINDOWS\system32\svchost.exe [516:4596] 00007fffd74099e0
Thread C:\WINDOWS\system32\svchost.exe [516:6460] 00007fffdaaf2cf0
Thread C:\WINDOWS\system32\svchost.exe [516:5232] 00007fffd2d01670
Thread C:\WINDOWS\system32\svchost.exe [516:10212] 00007fffd4fa5bc0
Thread C:\WINDOWS\system32\svchost.exe [516:2688] 00007fffdcd96080
Thread C:\WINDOWS\system32\svchost.exe [516:7532] 00007fffdcd9b590
Thread C:\WINDOWS\system32\svchost.exe [1548:1600] 00007fffd74744b0
Thread C:\WINDOWS\system32\svchost.exe [1548:1764] 00007fffe1556750
Thread C:\WINDOWS\system32\csrss.exe [9896:9060] ffffd0e2a7de6c20

---- EOF - GMER 2.2 ----

GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-03-13 16:27:48
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002b ST1000LM024_HN-M101MBB rev.2AR10001 931,51GB
Running: gmer.exe; Driver: C:\Users\Slamak\AppData\Local\Temp\kwlcruod.sys


---- User code sections - GMER 2.2 ----

.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlQueryEnvironmentVariable 00007fffe5fb07e0 5 bytes JMP 00007fffcc703100
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!RtlDecompressBuffer 00007fffe600dec0 5 bytes JMP 00007fffcc702ff0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtQueryInformationProcess 00007fffe60263e0 5 bytes JMP 00007fffcc7031f0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtMapViewOfSection 00007fffe60265c0 5 bytes JMP 00007fffcc7029a0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 00007fffe6026800 5 bytes JMP 00007fffcc7027e0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenEvent 00007fffe60268c0 5 bytes JMP 00007fffcc702d30
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateEvent 00007fffe60269c0 5 bytes JMP 00007fffcc702cd0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtResumeThread 00007fffe6026b00 1 byte JMP 00007fffcc702b90
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtResumeThread + 2 00007fffe6026b02 3 bytes {JMP 0xffffffffe66dc090}
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateMutant 00007fffe60275d0 5 bytes JMP 00007fffcc702d80
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateSemaphore 00007fffe6027730 5 bytes JMP 00007fffcc702e30
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateUserProcess 00007fffe6027850 1 byte JMP 00007fffcc702ee0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtCreateUserProcess + 2 00007fffe6027852 3 bytes {JMP 0xffffffffe66db690}
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenMutant 00007fffe6028350 1 byte JMP 00007fffcc702de0
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenMutant + 2 00007fffe6028352 3 bytes {JMP 0xffffffffe66daa90}
.text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[7844] C:\WINDOWS\SYSTEM32\ntdll.dll!NtOpenSemaphore 00007fffe6028430 5 bytes JMP 00007fffcc702e90
? C:\WINDOWS\SYSTEM32\dbgcore.DLL [2612] entry point in ".rdata" section 000000006f2bc940
? C:\WINDOWS\SYSTEM32\iertutil.dll [2612] entry point in ".rdata" section 00000000721e1590
? C:\WINDOWS\SYSTEM32\atlthunk.dll [2612] entry point in ".data" section 000000006bec4290
? C:\Windows\System32\ActXPrxy.dll [2612] entry point in ".rdata" section 00000000628e9c50
? C:\WINDOWS\System32\apphelp.dll [2612] entry point in ".rdata" section 000000006a20f7c0
? C:\WINDOWS\system32\mssprxy.dll [2612] entry point in ".rdata" section 000000006214a650
? C:\Windows\System32\smartscreenps.dll [2612] entry point in ".rdata" section 0000000068ba58a0
? C:\WINDOWS\system32\apphelp.dll [10044] entry point in ".rdata" section 000000006a20f7c0
? C:\WINDOWS\SYSTEM32\iertutil.dll [10044] entry point in ".rdata" section 00000000721e1590
? C:\Windows\System32\ieproxy.dll [10044] entry point in ".rdata" section 0000000071a89600
? C:\Windows\System32\OneCoreCommonProxyStub.dll [10044] entry point in ".rdata" section 00000000716bda90
? C:\WINDOWS\system32\apphelp.dll [4428] entry point in ".rdata" section 000000006a20f7c0

---- Threads - GMER 2.2 ----

Thread C:\WINDOWS\system32\svchost.exe [832:936] 00007fffe0c4f950
Thread C:\WINDOWS\system32\svchost.exe [832:940] 00007fffe0c4ed20
Thread C:\WINDOWS\system32\svchost.exe [832:952] 00007fffe0a48ae0
Thread C:\WINDOWS\system32\svchost.exe [516:1156] 00007fffdcd9a770
Thread C:\WINDOWS\system32\svchost.exe [516:3956] 00007fffd1bdac90
Thread C:\WINDOWS\system32\svchost.exe [516:3968] 00007fffd1bd3590
Thread C:\WINDOWS\system32\svchost.exe [516:68] 00007fffd0449040
Thread C:\WINDOWS\system32\svchost.exe [516:4596] 00007fffd74099e0
Thread C:\WINDOWS\system32\svchost.exe [516:6460] 00007fffdaaf2cf0
Thread C:\WINDOWS\system32\svchost.exe [516:5232] 00007fffd2d01670
Thread C:\WINDOWS\system32\svchost.exe [516:10212] 00007fffd4fa5bc0
Thread C:\WINDOWS\system32\svchost.exe [516:2688] 00007fffdcd96080
Thread C:\WINDOWS\system32\svchost.exe [516:7532] 00007fffdcd9b590
Thread C:\WINDOWS\system32\svchost.exe [1548:1600] 00007fffd74744b0
Thread C:\WINDOWS\system32\svchost.exe [1548:1764] 00007fffe1556750
Thread C:\WINDOWS\system32\csrss.exe [9896:9060] ffffd0e2a7de6c20

---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -1890209304
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14884802891092288@SetupOperations ?????????????????@?@?@?@?A?A?A?A?B?B????????????????????????????????????????????????????? ???????>??????????????????????P?0????????????????????????e????aswSnx????????????????????????????L????????????n????avast! virtualization driver (aswSnx)???????????? ???????????????m??td???????????v????????????P??????????????&??\SystemRoot\system32\drivers\aswSnx.sys?ys?sab????0?????????p???FSFilter Virtualization?????????????????????????FltMgr??????? ?????????????B???????????????? ?????????s??????? ??B???????????e?????????????B????????????????????MoveFile("\??\C:\Program Files\AVAST Software\Avast\HTM2A5F.tmp","\??\C:\Program Files\AVAST Software\Avast\HTMLayout.dll",TRUE)?MoveFile("\??\C:\Program Files\AVAST Software\Avast\avB2D40.tmp","\??\C:\Program Files\AVAST Software\Avast\avBugReport.exe",TRUE)?MoveFile("\??\C:\Program Files\AVAST Software\Avast\AvD2E7B.tmp","\??\C:\Program Files\AVAST Software\Avast\AvDump32.exe",TRUE)?MoveFile("\??\C:\Program Files\AVAST Software\Avast\x64\AvD2F48.tmp","\??\C:\Program Files\AVAS
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Teredo\PreviousState\c8-3a-35-48-de-58@AddressCreationTimestamp 0x41 0x42 0xD7 0x0E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 4206
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0x47 0x00 0xDB 0x72 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0x47 0x68 0x9F 0xD4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0x47 0x98 0x16 0x11 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\1@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\2@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\2@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\3@Rw 0x64 0x62 0x03 0x00 ...
Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\3@RwMask 0x64 0x62 0x03 0x00 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@E7CF176E110C211B 0xE9 0x5A 0x81 0x2C ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\notepad.exe 0x3C 0xDF 0x64 0xB2 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{03C3F6CF-3697-492A-9465-9303D1D192C3}
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{03C3F6CF-3697-492A-9465-9303D1D192C3}@LastAccessedTime 0xB0 0x80 0x56 0xAC ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{03C3F6CF-3697-492A-9465-9303D1D192C3}@AppId {7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Z?hada skateparku\Z?hada skateparku.exe
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{03C3F6CF-3697-492A-9465-9303D1D192C3}@LaunchCount 1
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{61CCD3E9-E75A-4EC6-9F88-22A098EF486C}@LastAccessedTime 0x50 0x7A 0x62 0xB2 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{61CCD3E9-E75A-4EC6-9F88-22A098EF486C}@LaunchCount 8
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{8D66CB18-1F67-4BF4-B32E-F7F2BE56E783}@LastAccessedTime 0x20 0xAD 0x09 0xD7 ...
Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{8D66CB18-1F67-4BF4-B32E-F7F2BE56E783}@LaunchCount 3

---- Disk sectors - GMER 2.2 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.2 ----

poprosim Te znovu o logy z FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2017
Ran by Slamak (administrator) on SLAMAKACER (13-03-2017 19:50:32)
Running from C:\Users\Slamak\Desktop
Loaded Profiles: Slamak (Available Profiles: Slamak)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Slamak\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-02-08] (Dritek System Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-02] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [14517936 2016-07-14] (MyHeritage)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [24742760 2016-10-21] (eM Client s.r.o.)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [ProgLauncher] => C:\Program Files (x86)\ProgDVB\ProgLauncher.exe [400584 2016-08-26] ()
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [GEN] => "C:\Users\Slamak\AppData\Local\Programs\GEN\GEN.exe"
IFEO\acpanel_win.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\dtlite.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\googledrivesync.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\myheritage.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\progdvbnet.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\progguide.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\progtv.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\skineditor.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\sptdinst-x64.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-11-22]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk [2013-11-26]
ShortcutTarget: TrayMenu.lnk -> C:\Windows\SysWOW64\C2MP\TrayMenu.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.154.240.3 10.154.240.66
Tcpip\..\Interfaces\{5ebae234-8da9-4cf8-be43-1d89008d74f4}: [DhcpNameServer] 10.154.240.3 10.154.240.66
Tcpip\..\Interfaces\{f77bfe06-ae58-4493-81ba-fffbdc2587a6}: [DhcpNameServer] 10.154.240.3 10.154.240.66

Internet Explorer:
==================
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope {6A9BB02B-2030-4929-AE57-F965133B84E3} URL =
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621977129-2832859686-462106091-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621977129-2832859686-462106091-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621977129-2832859686-462106091-1001 -> {6A9BB02B-2030-4929-AE57-F965133B84E3} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-12] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default [2017-03-13]
FF user.js: detected! => C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\user.js [2017-03-02]
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\gjyzp0az.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\gjyzp0az.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\gjyzp0az.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\gjyzp0az.default -> hxxps://www.seznam.cz/
FF Extension: (Avast Passwords) - C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2017-02-10]
FF Extension: (Password Exporter) - C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-03-12]
FF SearchPlugin: C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\searchplugins\seznam-avast.xml [2015-02-17]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-28] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13906
CHR StartupUrls: Default -> "hxxp://websearch.just-browse.info/"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxps://www.google.com/search?q={searchTerms}&i ... hannel=rcs
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default [2017-03-10]
CHR Extension: (CacheList) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2016-11-09]
CHR Extension: (Dokumenty Google) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Disk Google) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-10]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-10]
CHR Extension: (YouTube) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Avast Online Security) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-12-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-10]
CHR Extension: (Avast Passwords) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-02-15]
CHR Extension: (Avast SafePrice) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-10]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-10]
CHR Extension: (Save the Penguin) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinohkicpolgdfgajpflbaoimmnaeibb [2017-02-24]
CHR Extension: (Gmail) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-15]
CHR Extension: (Geoseznam) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkejgpgaflkeonkliblcplomemekogop [2016-07-06]
CHR HKU\S-1-5-21-3621977129-2832859686-462106091-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dogdoihocdkadpalbghcpfafbojcfofa] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-02] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-02] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-03-02] (AVAST Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
S4 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S4 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-26] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-07] (Freemake) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-02-08] (Dritek System INC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-02] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-02] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-02] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-02] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-02] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-03-02] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-02] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [461640 2017-03-02] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-02] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-02] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-02] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-03-02] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-02] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-02] (AVAST Software)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2016-07-16] (Broadcom Corporation)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (www.winchiphead.com)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-09-29] (Disc Soft Ltd)
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-12] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-02-08] (Dritek System Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 kwlcruod; C:\Users\Slamak\AppData\Local\Temp\kwlcruod.sys [56584 2017-03-13] (GMER) [File not signed] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-13 19:50 - 2017-03-13 19:52 - 00023655 _____ C:\Users\Slamak\Desktop\FRST.txt
2017-03-13 19:48 - 2017-03-13 19:48 - 00112640 _____ (forum.viry.cz) C:\Users\Slamak\Desktop\FRSTLauncher.exe
2017-03-13 19:43 - 2017-03-13 19:43 - 00000000 ____D C:\Users\Slamak\Desktop\FRST-OlderVersion
2017-03-13 16:00 - 2017-03-13 16:00 - 00371282 _____ C:\Users\Slamak\Downloads\gmer(1).zip
2017-03-13 15:50 - 2017-03-13 15:50 - 00371282 _____ C:\Users\Slamak\Downloads\gmer.zip
2017-03-13 15:39 - 2017-03-13 15:39 - 00075257 _____ C:\Users\Slamak\Downloads\zasilkovna-2017-03-13-1791.pdf
2017-03-13 15:39 - 2017-03-13 15:39 - 00017313 _____ C:\Users\Slamak\Downloads\output(2).pdf
2017-03-13 15:33 - 2017-03-13 15:33 - 00000661 _____ C:\Users\Slamak\Downloads\objednavka_export_13-03-2017-15-33-11.csv
2017-03-13 15:09 - 2017-03-13 15:09 - 00018396 _____ C:\Users\Slamak\Downloads\ordersXML(11).xml
2017-03-13 07:03 - 2017-03-13 07:03 - 00009072 _____ C:\Users\Slamak\Downloads\output(1).pdf
2017-03-13 07:00 - 2017-03-13 07:00 - 00006166 _____ C:\Users\Slamak\Downloads\ordersXML(10).xml
2017-03-13 07:00 - 2017-03-13 07:00 - 00000122 _____ C:\Users\Slamak\Downloads\objednavka_export_13-03-2017-07-00-45.csv
2017-03-13 06:43 - 2017-03-13 06:43 - 00012949 _____ C:\Users\Slamak\Downloads\output.pdf
2017-03-12 23:17 - 2017-03-12 23:17 - 00000355 _____ C:\Users\Slamak\Downloads\objednavka_export_12-03-2017-23-17-50.csv
2017-03-12 23:12 - 2017-03-12 23:12 - 00012002 _____ C:\Users\Slamak\Downloads\ordersXML(9).xml
2017-03-12 16:55 - 2017-03-12 17:15 - 1731911076 _____ C:\Users\Slamak\Downloads\ostravak.ostravski.2016.480p.DVDRip.XVID.AC3.CZ.avi
2017-03-12 16:52 - 2017-03-12 17:27 - 981307392 _____ C:\Users\Slamak\Downloads\Prichozi - Arrival (2016)_cz dab.avi.part
2017-03-12 15:16 - 2017-03-12 15:16 - 00075639 _____ C:\Users\Slamak\Downloads\zasilkovna-2017-03-12-1103.pdf
2017-03-12 15:00 - 2017-03-12 15:00 - 00011919 _____ C:\Users\Slamak\Downloads\ordersXML(8).xml
2017-03-11 20:07 - 2017-03-11 20:07 - 00425906 _____ C:\Users\Slamak\Downloads\483507292.pdf
2017-03-11 20:02 - 2017-03-11 20:02 - 00569168 _____ C:\Users\Slamak\Downloads\489734385.pdf
2017-03-11 20:01 - 2017-03-11 20:01 - 00430352 _____ C:\Users\Slamak\Downloads\486648024.pdf
2017-03-10 21:12 - 2017-03-10 21:13 - 00387172 _____ C:\WINDOWS\Minidump\031017-30937-01.dmp
2017-03-10 21:12 - 2017-03-10 21:12 - 588130465 _____ C:\WINDOWS\MEMORY.DMP
2017-03-10 19:11 - 2017-03-10 19:12 - 00359501 _____ C:\Users\Slamak\Downloads\14436469(1).pdf
2017-03-10 19:08 - 2017-03-10 19:10 - 00359501 _____ C:\Users\Slamak\Downloads\14436469.pdf
2017-03-10 17:40 - 2017-03-10 17:40 - 00005936 _____ C:\Users\Slamak\Downloads\ordersXML(7).xml
2017-03-10 17:13 - 2017-03-08 12:46 - 00025237 _____ C:\Users\Slamak\Desktop\2017-02-28T02-02 Transakce č. 1055832024528472-2355991.pdf
2017-03-10 17:11 - 2017-03-10 17:12 - 00022726 _____ C:\Users\Slamak\Downloads\2017-02-01–2017-02-28_Transakce(1).zip
2017-03-10 13:58 - 2017-03-12 14:36 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-10 13:58 - 2017-03-10 13:58 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-10 13:58 - 2017-03-10 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-10 13:58 - 2017-03-10 13:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-10 13:58 - 2017-03-10 13:58 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-10 13:58 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-10 13:57 - 2017-03-10 13:57 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-10 13:43 - 2017-03-10 13:48 - 00000000 ____D C:\AdwCleaner
2017-03-10 13:41 - 2017-03-10 13:43 - 04031440 _____ C:\Users\Slamak\Desktop\adwcleaner_6.044.exe
2017-03-10 07:02 - 2017-03-10 07:02 - 00002812 _____ C:\Users\Slamak\Downloads\ordersXML(6).xml
2017-03-09 22:49 - 2017-03-09 22:49 - 00000311 _____ C:\Users\Slamak\Downloads\objednavka_export_09-03-2017-22-49-21.csv
2017-03-09 22:45 - 2017-03-09 22:45 - 00002474 _____ C:\Users\Slamak\Downloads\ordersXML(5).xml
2017-03-09 20:28 - 2017-03-10 07:18 - 00000000 ____D C:\Users\Slamak\Desktop\tisk
2017-03-09 20:01 - 2017-03-09 20:01 - 00002120 _____ C:\Users\Slamak\Downloads\ordersXML(4).xml
2017-03-09 19:50 - 2017-03-09 19:50 - 00007733 _____ C:\Users\Slamak\Downloads\ordersXML(3).xml
2017-03-09 14:47 - 2017-03-09 14:47 - 00004714 _____ C:\Users\Slamak\Downloads\ordersXML(2).xml
2017-03-09 13:30 - 2017-03-13 19:50 - 00000000 ____D C:\FRST
2017-03-09 13:21 - 2017-03-13 19:43 - 02424832 _____ (Farbar) C:\Users\Slamak\Desktop\FRST64.exe
2017-03-09 13:12 - 2017-03-09 13:12 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-09 13:12 - 2017-03-09 13:12 - 00000000 ____D C:\Intel
2017-03-09 07:24 - 2017-03-09 07:24 - 00052736 _____ C:\Users\Slamak\Downloads\GOPAY_112643542-170130-170205.xls
2017-03-09 07:07 - 2017-03-09 07:07 - 00471823 _____ C:\Users\Slamak\Downloads\171019421(1).pdf
2017-03-09 07:06 - 2017-03-09 07:06 - 00471991 _____ C:\Users\Slamak\Downloads\171010674.pdf
2017-03-09 07:06 - 2017-03-09 07:06 - 00471668 _____ C:\Users\Slamak\Downloads\171013755.pdf
2017-03-09 07:06 - 2017-03-09 07:06 - 00470862 _____ C:\Users\Slamak\Downloads\171016549(1).pdf
2017-03-09 01:17 - 2017-03-09 01:17 - 12935296 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 11330576 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 01086408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00975184 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00558728 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00553424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00242800 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00206000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00051184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 13046920 _____ (Intel Corporation) C:\WINDOWS\system32\ig4icd64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 10829448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig4icd32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 05925984 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 03529352 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 03139208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00593544 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00560776 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00536664 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00460936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00458376 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457352 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457344 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455304 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455304 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00453768 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00453768 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00450184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00449160 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00447112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00446600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00428680 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00402568 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00348808 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00304264 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00300128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00276064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00206944 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00193160 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00160392 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00145032 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2017-03-09 01:16 - 2017-03-09 01:16 - 00134280 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4459.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00119432 _____ C:\WINDOWS\system32\igdde64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00099464 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00043144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00027784 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2017-03-08 21:46 - 2017-03-08 21:46 - 00022725 _____ C:\Users\Slamak\Downloads\2017-02-01–2017-02-28_Transakce.zip
2017-03-08 21:19 - 2017-03-09 19:30 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2017-03-08 20:52 - 2017-03-08 20:52 - 00001284 _____ C:\Users\Slamak\Desktop\Faktury přijaté 2017 – zástupce.lnk
2017-03-08 20:51 - 2017-03-08 20:51 - 00001194 _____ C:\Users\Slamak\Desktop\Texty shop – zástupce.lnk
2017-03-07 19:42 - 2017-03-07 19:42 - 00000000 ____D C:\rsit
2017-03-07 12:16 - 2017-03-07 12:16 - 00000000 ____D C:\Users\Slamak\fUTkALeaTxM
2017-03-07 08:35 - 2017-03-07 08:35 - 00472563 _____ C:\Users\Slamak\Downloads\171022412.pdf
2017-03-06 18:01 - 2017-03-06 18:01 - 00000000 ____D C:\Users\Slamak\AppData\Local\FileZilla
2017-03-06 17:03 - 2017-03-06 17:03 - 00206521 _____ C:\Users\Slamak\Downloads\492092659.PDF
2017-03-06 17:02 - 2017-03-06 17:02 - 00089630 _____ C:\Users\Slamak\Downloads\492092658.PDF
2017-03-06 15:07 - 2017-03-06 15:11 - 00272470 _____ C:\Users\Slamak\Documents\kaplicka v opre.odt
2017-03-05 18:48 - 2017-03-05 18:48 - 00005615 _____ C:\Users\Slamak\Downloads\ordersXML(1).xml
2017-03-04 23:17 - 2017-03-04 23:17 - 00148566 _____ C:\Users\Slamak\Downloads\T8940540.pdf
2017-03-04 20:49 - 2017-03-04 20:50 - 01185889 _____ C:\Users\Slamak\Downloads\2015_Guidelines_Beer.pdf
2017-03-04 18:25 - 2017-03-04 18:25 - 00008568 _____ C:\Users\Slamak\Downloads\ordersXML.xml
2017-03-04 16:43 - 2017-03-04 16:58 - 1900460032 _____ C:\Users\Slamak\Downloads\Jokri.avi
2017-03-04 16:42 - 2017-03-04 16:49 - 824785610 _____ C:\Users\Slamak\Downloads\Zilionáři-2016-cz-dab.,super-kvalita.avi
2017-03-04 12:45 - 2017-03-04 12:51 - 914463076 _____ C:\Users\Slamak\Downloads\(cetnici-z-luhacovic)-09-dopis-ze-zahrobi--16'--DVBT_CZ-(romin).avi
2017-03-03 12:49 - 2017-03-03 12:49 - 00362130 _____ C:\Users\Slamak\Downloads\cenik-italie-novy.pdf
2017-03-02 23:36 - 2017-03-07 20:34 - 00003154 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-03-02 22:50 - 2017-03-02 22:50 - 00002594 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-03-02 22:50 - 2017-02-21 09:29 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-03-02 22:47 - 2017-03-02 22:47 - 00000979 _____ C:\Users\Slamak\Desktop\zalohy PROFIT – zástupce.lnk
2017-03-02 22:47 - 2017-03-02 22:47 - 00000943 _____ C:\Users\Public\Desktop\AVG.lnk
2017-03-02 22:47 - 2017-03-02 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-03-02 22:45 - 2017-03-13 16:14 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-03-02 22:45 - 2017-03-02 22:50 - 00000000 ____D C:\Program Files (x86)\AVG
2017-03-02 22:44 - 2017-03-02 23:48 - 00000000 ____D C:\Users\Slamak\AppData\Local\AvgSetupLog
2017-03-02 20:32 - 2017-03-02 20:36 - 773026364 _____ C:\Users\Slamak\Downloads\Bezva ženska na krku .2016 komedie cz avi.avi
2017-03-02 19:45 - 2017-03-06 10:37 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-03-02 19:45 - 2017-03-02 19:43 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-03-02 19:45 - 2017-03-02 19:43 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-03-02 19:45 - 2017-03-02 19:43 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-03-02 19:45 - 2017-03-02 19:43 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-03-02 19:44 - 2017-03-02 19:44 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-01 10:53 - 2017-03-01 10:53 - 00216324 _____ C:\Users\Slamak\Downloads\newsletter_3.pdf
2017-03-01 01:56 - 2017-03-01 01:56 - 00085710 _____ C:\Users\Slamak\Downloads\Obchodni podminky www.vyrobtesipivo.cz(1).pdf
2017-03-01 00:14 - 2012-01-19 02:27 - 00000000 ____D C:\Users\Slamak\Documents\tni_product_reviews
2017-03-01 00:11 - 2017-03-01 00:11 - 00012813 _____ C:\Users\Slamak\Downloads\tni_product_reviews RECENZE.zip
2017-02-28 23:17 - 2017-02-28 23:17 - 00402839 _____ C:\Users\Slamak\Downloads\sanicleantl.pdf
2017-02-28 22:26 - 2017-02-28 22:26 - 00305226 _____ C:\Users\Slamak\Downloads\PBW_SDS_EN.pdf
2017-02-28 22:26 - 2017-02-28 22:26 - 00238727 _____ C:\Users\Slamak\Downloads\Star_San_HB_SDS_EN.pdf
2017-02-28 21:56 - 2017-02-28 21:56 - 00471823 _____ C:\Users\Slamak\Downloads\171019421.pdf
2017-02-28 16:32 - 2017-02-28 16:33 - 176296836 _____ C:\Users\Slamak\Downloads\RINO-–-Příběh-špióna.part2.rar
2017-02-28 16:31 - 2017-02-28 16:46 - 2086666240 _____ C:\Users\Slamak\Downloads\RINO-–-Příběh-špióna.part1.rar
2017-02-27 19:24 - 2017-02-27 19:24 - 00050584 _____ C:\Users\Slamak\Downloads\4117048648.pdf
2017-02-27 19:24 - 2017-02-27 19:24 - 00048491 _____ C:\Users\Slamak\Downloads\4017047847.pdf
2017-02-27 19:21 - 2017-02-27 19:21 - 00050611 _____ C:\Users\Slamak\Downloads\4117048644.pdf
2017-02-27 19:21 - 2017-02-27 19:21 - 00048203 _____ C:\Users\Slamak\Downloads\4017047844.pdf
2017-02-27 16:14 - 2017-02-27 16:14 - 00003004 _____ C:\Users\Slamak\Downloads\438894670_1_Autentizační údaje(2).pdf
2017-02-27 11:41 - 2017-02-27 11:42 - 00020893 _____ C:\Users\Slamak\Desktop\Order Stanislav Krejci - vyrobtesipivo.cz.ods
2017-02-27 10:36 - 2017-02-27 10:36 - 00235513 _____ C:\Users\Slamak\Desktop\Brouwland_price_list_C20_July_2016_EN.xlsx
2017-02-25 21:04 - 2017-02-25 21:05 - 00530051 _____ C:\Users\Slamak\Downloads\Cenik-01012017.pdf
2017-02-24 19:35 - 2017-02-24 19:36 - 00061322 _____ C:\Users\Slamak\Downloads\050.270.8 en 050.514.9_SPEC_EN_Bavarian Wheat M20.pdf
2017-02-24 19:35 - 2017-02-24 19:35 - 00083215 _____ C:\Users\Slamak\Downloads\050.270.8.pdf
2017-02-24 15:39 - 2017-02-25 20:21 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Electrum
2017-02-24 15:37 - 2017-02-24 15:37 - 00001080 _____ C:\Users\Slamak\Desktop\Electrum.lnk
2017-02-24 15:37 - 2017-02-24 15:37 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum
2017-02-24 15:37 - 2017-02-24 15:37 - 00000000 ____D C:\Program Files (x86)\Electrum
2017-02-24 15:19 - 2017-02-24 16:16 - 00000074 _____ C:\Users\Slamak\Desktop\Bitcoin.txt
2017-02-24 15:18 - 2017-02-24 15:18 - 00000000 ____D C:\Users\Slamak\Documents\Bitcoin
2017-02-24 15:15 - 2017-02-24 15:16 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\MultiBitHD
2017-02-24 12:53 - 2017-02-24 12:53 - 10262944 _____ C:\Users\Slamak\Downloads\Mangrove Jack's Data Sheets-20170224T115302Z-001.zip
2017-02-23 22:02 - 2017-02-23 22:02 - 00342006 _____ C:\Users\Slamak\Downloads\Kompakt_70l.pdf
2017-02-23 19:59 - 2017-02-23 19:59 - 01816415 _____ C:\Users\Slamak\Downloads\Mangrove Jack's Traditional Series Beer Pouches-20170223T185854Z-001.zip
2017-02-23 19:57 - 2017-02-23 19:58 - 03333638 _____ C:\Users\Slamak\Downloads\Mangrove Jack's Craft Series Yeast-20170223T185729Z-001.zip
2017-02-22 20:46 - 2017-02-22 20:47 - 00100268 _____ C:\Users\Slamak\Desktop\661-1132 Baška Chorvatsko dovolená 2017.htm
2017-02-22 20:46 - 2017-02-22 20:47 - 00000000 ____D C:\Users\Slamak\Desktop\661-1132 Baška Chorvatsko dovolená 2017_soubory
2017-02-22 13:34 - 2017-02-22 13:34 - 07422592 _____ C:\Users\Slamak\Downloads\Katalog_podzim-zima_2016_web.pdf
2017-02-21 18:59 - 2017-02-21 18:59 - 00470854 _____ C:\Users\Slamak\Downloads\171016549.pdf
2017-02-20 22:55 - 2017-02-20 22:55 - 00000444 _____ C:\Users\Slamak\Downloads\csv-ukazka.csv
2017-02-20 16:18 - 2017-02-20 16:39 - 3003922830 _____ C:\Users\Slamak\Downloads\ČETNÍCI-Z-LUHAČOVIC-07.Padělek-FHD-(2017)-CZ-(78PT).avi
2017-02-20 16:14 - 2017-02-20 16:22 - 1063945388 _____ C:\Users\Slamak\Downloads\Bohéma S01E06 - Dvojí tvá_e - TVrip CZserial.avi
2017-02-19 22:04 - 2017-02-19 22:04 - 00045633 _____ C:\Users\Slamak\Downloads\PDFReport.aspx
2017-02-19 18:59 - 2017-02-19 18:59 - 00176219 _____ C:\Users\Slamak\Downloads\plna-moc.pdf
2017-02-19 18:58 - 2017-02-19 18:58 - 00106568 _____ C:\Users\Slamak\Downloads\merkblatt_deutsch.pdf
2017-02-19 18:57 - 2017-02-19 18:57 - 00090301 _____ C:\Users\Slamak\Downloads\StAb-Bau-Fragebg. 2002 - tschech..pdf
2017-02-19 18:56 - 2017-02-19 18:56 - 00018825 _____ C:\Users\Slamak\Downloads\Baustellenübersicht D-CZ.docx(1).pdf
2017-02-19 18:55 - 2017-02-19 18:55 - 00158712 _____ C:\Users\Slamak\Downloads\Fragenbogen CZ.pdf
2017-02-19 18:54 - 2017-02-19 18:55 - 00018825 _____ C:\Users\Slamak\Downloads\Baustellenübersicht D-CZ.docx.pdf
2017-02-19 18:54 - 2017-02-19 18:54 - 00381701 _____ C:\Users\Slamak\Downloads\Ansässigkeitsbescheinigung CZ.pdf
2017-02-18 22:13 - 2017-02-18 22:14 - 67620545 _____ C:\Users\Slamak\Downloads\backup_2017-02-18_22-13.zip
2017-02-18 20:53 - 2017-02-18 20:53 - 00107323 _____ C:\Users\Slamak\Desktop\Pojistka.pdf
2017-02-18 20:51 - 2017-02-18 20:51 - 00102558 _____ C:\Users\Slamak\Downloads\490435551.PDF
2017-02-18 20:15 - 2017-02-18 20:15 - 01377244 _____ C:\Users\Slamak\Downloads\testovaci-ssl-certifikat-thawte.pdf
2017-02-17 07:12 - 2017-02-17 07:12 - 03620092 _____ C:\Users\Slamak\Downloads\UPDATED PRICE LIST VYROBTESIPIVO 08.02.2017.pdf
2017-02-16 16:21 - 2017-02-16 16:32 - 1515676186 _____ C:\Users\Slamak\Downloads\vencep.avi
2017-02-16 16:13 - 2017-02-16 16:30 - 1651857408 _____ C:\Users\Slamak\Downloads\Star Trek Do neznáma.avi
2017-02-14 20:31 - 2017-02-14 21:02 - 1380786652 _____ C:\Users\Slamak\Downloads\Díra u Hanušovic 2014 CZ Film DVDRip.avi
2017-02-14 20:28 - 2017-02-14 20:52 - 1573277696 _____ C:\Users\Slamak\Downloads\Mist_i cz.avi
2017-02-14 20:27 - 2017-02-14 20:54 - 833598328 _____ C:\Users\Slamak\Downloads\Celebrity s.r.o-2016-cz.film-KOMEDIE.avi
2017-02-14 20:25 - 2017-02-14 20:45 - 1156334218 _____ C:\Users\Slamak\Downloads\Brainstorm (2008) _esko Komedie Drama Psychologický.avi
2017-02-14 10:24 - 2017-02-14 10:31 - 1067954768 _____ C:\Users\Slamak\Downloads\Bohema-5.dil-6-Vyhrat-za-kazdou-cenu---12.2.2017.avi
2017-02-13 15:18 - 2017-02-13 15:18 - 00108871 _____ C:\Users\Slamak\Downloads\FAKTURA-56091(1).pdf
2017-02-13 12:55 - 2017-02-13 12:55 - 00290332 _____ C:\Users\Slamak\Downloads\MSDS-Desam Solid (09-2015) Schulke.pdf
2017-02-12 18:58 - 2017-02-12 19:13 - 788600518 _____ C:\Users\Slamak\Downloads\Život-je-život--(cz-komedie-2015).avi
2017-02-12 15:17 - 2017-02-12 15:30 - 2135052994 _____ C:\Users\Slamak\Downloads\Spectre.2015.BRRip.XviD.AC3-RARBG.CZ.dub.avi
2017-02-11 21:16 - 2017-02-11 21:16 - 00108871 _____ C:\Users\Slamak\Downloads\FAKTURA-56091.pdf
2017-02-11 20:28 - 2017-02-12 20:05 - 641228800 _____ C:\Users\Slamak\Downloads\Vejška-Vejška (2014) Komedie.avi
2017-02-11 20:19 - 2017-02-11 22:20 - 973083570 _____ C:\Users\Slamak\Downloads\Učitelka-2016-CZ.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-13 19:45 - 2016-11-18 17:41 - 00000000 ____D C:\Users\Slamak\AppData\LocalLow\Mozilla
2017-03-13 16:37 - 2014-09-21 13:05 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\eM Client
2017-03-13 15:52 - 2014-01-12 13:41 - 00000000 ____D C:\Users\Slamak\Documents\Profit zálohy
2017-03-13 15:21 - 2013-12-29 08:50 - 00000000 ____D C:\Users\Slamak\Documents\exporty profit
2017-03-13 14:55 - 2015-07-30 12:28 - 00000000 ____D C:\Program Files (x86)\PROFIT
2017-03-13 11:37 - 2016-09-21 03:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-12 23:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-12 18:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-12 15:35 - 2014-02-11 20:05 - 00000000 ____D C:\Users\Slamak\Documents\zalohy PROFIT
2017-03-12 14:35 - 2016-09-21 04:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-12 14:35 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-11 20:22 - 2016-09-21 04:05 - 00000000 ____D C:\Users\Slamak
2017-03-10 21:29 - 2014-01-29 23:09 - 00000000 ___SD C:\Users\Slamak\Documents\My Web Sites
2017-03-10 21:27 - 2014-09-29 08:31 - 00000000 ____D C:\Users\Slamak\AppData\LocalLow\Temp
2017-03-10 21:12 - 2016-10-02 10:02 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-10 13:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-09 14:30 - 2016-09-21 04:34 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-03-09 14:30 - 2016-09-21 04:34 - 00002932 _____ C:\WINDOWS\System32\Tasks\Program k provádění aktualizací online Adobe
2017-03-09 14:26 - 2013-10-12 21:31 - 00000000 ____D C:\Users\Slamak\AppData\Local\CrashDumps
2017-03-09 13:12 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-09 12:40 - 2013-10-05 13:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-09 12:29 - 2014-10-18 16:12 - 00000000 ____D C:\Users\Slamak\Documents\eM Client
2017-03-09 12:20 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-09 06:45 - 2016-05-29 21:30 - 00071809 _____ C:\Users\Slamak\Desktop\Pivni_vypocty2.ods
2017-03-09 01:17 - 2015-06-01 21:01 - 13182528 _____ (Intel Corporation) C:\WINDOWS\system32\igd10umd64.dll
2017-03-09 01:17 - 2015-06-01 21:01 - 11460448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 09025672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 05382856 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2017-03-09 01:16 - 2015-06-01 21:00 - 00463960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2017-03-09 01:16 - 2015-06-01 21:00 - 00456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2017-03-09 01:16 - 2015-06-01 21:00 - 00420960 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2017-03-09 01:16 - 2015-06-01 21:00 - 00193112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2017-03-09 01:16 - 2015-06-01 21:00 - 00128648 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 00112264 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 00082056 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.dll
2017-03-08 20:52 - 2013-10-05 14:12 - 00000000 ____D C:\Users\Slamak\Documents\Dokumenty Eshop
2017-03-08 13:50 - 2014-09-24 20:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-07 19:42 - 2014-11-16 21:45 - 00000000 ____D C:\Program Files\trend micro
2017-03-07 12:16 - 2014-06-27 19:35 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Oracle
2017-03-06 18:02 - 2013-10-05 14:32 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\FileZilla
2017-03-06 18:01 - 2013-10-05 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-03-06 18:01 - 2013-10-05 14:32 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2017-03-06 12:15 - 2014-12-20 21:12 - 00000000 ___RD C:\Users\Slamak\Documents\Scanned Documents
2017-03-04 13:15 - 2015-02-25 18:13 - 00000000 ____D C:\ProgramData\AlawarWrapper
2017-03-04 10:20 - 2014-09-12 20:51 - 00000000 ____D C:\FOTOONLINE
2017-03-03 21:47 - 2014-12-26 06:16 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-03 20:25 - 2014-12-13 12:24 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-03 20:14 - 2016-01-08 08:18 - 00004608 _____ C:\6XSourceFilter.grf
2017-03-03 13:58 - 2017-01-26 19:40 - 00028200 _____ C:\Users\Slamak\Desktop\Nákupy.ods
2017-03-02 23:39 - 2016-09-21 04:34 - 00003188 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-02 23:35 - 2013-10-22 19:50 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Skype
2017-03-02 23:35 - 2013-10-05 17:54 - 00000000 ____D C:\Users\Slamak\AppData\Local\Microsoft Help
2017-03-02 23:35 - 2012-11-22 13:05 - 00000000 ____D C:\ProgramData\Temp
2017-03-02 23:34 - 2016-09-21 04:55 - 00000000 ___DC C:\WINDOWS\Panther
2017-03-02 23:34 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-03-02 22:50 - 2014-05-17 16:17 - 00000000 ____D C:\Users\Slamak\AppData\Local\AVG
2017-03-02 22:47 - 2013-12-27 07:47 - 00000000 ____D C:\ProgramData\AVG
2017-03-02 20:21 - 2016-06-15 17:24 - 00000000 ____D C:\temp
2017-03-02 20:19 - 2016-09-21 04:34 - 00004012 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1453580228
2017-03-02 20:19 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-02 20:19 - 2016-01-23 21:17 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-02 20:00 - 2015-09-24 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-03-02 20:00 - 2015-09-24 18:49 - 00000000 ____D C:\Program Files (x86)\7-Zip
2017-03-02 19:44 - 2014-12-26 06:19 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-02 19:43 - 2016-02-24 08:26 - 00461640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-03-02 19:43 - 2015-03-08 12:36 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-02 19:43 - 2014-12-26 06:19 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-01 10:57 - 2013-10-05 13:37 - 00001228 _____ C:\Users\Slamak\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2017-03-01 00:02 - 2013-10-05 22:37 - 00000000 ____D C:\Users\Slamak\Documents\ESHOP
2017-02-28 07:08 - 2014-08-25 07:57 - 00000000 ____D C:\Users\Slamak\AppData\Local\Adobe
2017-02-28 07:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-28 07:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-27 07:43 - 2016-11-03 14:47 - 00000287 _____ C:\Users\Slamak\Desktop\Nový textový dokument (2).txt
2017-02-27 06:48 - 2012-11-22 13:04 - 00000000 ____D C:\Program Files (x86)\NTI
2017-02-27 06:48 - 2012-11-22 13:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-27 06:43 - 2014-12-24 19:39 - 00000000 ____D C:\Garmin
2017-02-27 06:42 - 2013-10-22 19:50 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 06:40 - 2014-05-29 14:00 - 00000000 ____D C:\ProgramData\Nero
2017-02-27 06:35 - 2017-01-30 22:06 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Foxit Software
2017-02-27 06:35 - 2014-12-29 10:17 - 00000000 ___RD C:\Users\Slamak\OneDrive
2017-02-27 06:34 - 2017-01-30 22:06 - 00000000 ____D C:\ProgramData\Foxit Software
2017-02-24 15:17 - 2017-01-02 19:21 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Bitcoin
2017-02-24 14:36 - 2015-07-30 12:28 - 00001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PROFIT.lnk
2017-02-24 14:36 - 2015-07-30 12:28 - 00001052 _____ C:\Users\Public\Desktop\PROFIT.lnk
2017-02-24 14:36 - 2015-07-30 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LPsoft PROFIT
2017-02-24 07:24 - 2013-11-02 18:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 07:19 - 2013-11-02 18:58 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 18:38 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 13:41 - 2016-04-13 18:39 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2014-03-05 20:33 - 2014-05-21 19:10 - 0000056 _____ () C:\Users\Slamak\AppData\Local\Images.fl
2014-01-11 19:50 - 2016-09-11 18:29 - 0007602 _____ () C:\Users\Slamak\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

Light Image Resizer 4.0.4.3 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.3 - ObviousIdea)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Slamak\Desktop" je 39 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2017
Ran by Slamak (13-03-2017 19:52:59)
Running from C:\Users\Slamak\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-21 03:53:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3621977129-2832859686-462106091-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3621977129-2832859686-462106091-503 - Limited - Disabled)
Guest (S-1-5-21-3621977129-2832859686-462106091-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3621977129-2832859686-462106091-1003 - Limited - Enabled)
Slamak (S-1-5-21-3621977129-2832859686-462106091-1001 - Administrator - Enabled) => C:\Users\Slamak

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM-x32\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
AC-3 ACM Codec 2.2 (HKLM-x32\...\AC3ACM) (Version: 2.2 - fccHandler)
AC-3 ACM Codec x64 2.2 (HKLM\...\AC3ACM) (Version: 2.2 - fccHandler)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3015 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Akrem studio (HKLM-x32\...\Akrem studio_Akrem studio) (Version: - )
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.4 - Arduino LLC)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.74.1 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
BlazeHDTV 6.0 (HKLM-x32\...\BlazeHDTV 6.0_is1) (Version: - )
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.96 - Broadcom Corporation)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
Brother MFL-Pro Suite DCP-7055W (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3112 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}) (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - CZ (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.1 - Corel Corporation) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
CzechRep_by_Dave_Luv (HKLM-x32\...\CzechRep_by_Dave_Luv) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Electrum (HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Electrum) (Version: 2.7.18 - Electrum Technologies GmbH)
eM Client (HKLM-x32\...\{2A4CAF55-4B18-4B61-BE9E-94A54209F547}) (Version: 7.0.27943.0 - eM Client Inc.)
FileZilla Client 3.24.1 (HKLM-x32\...\FileZilla Client) (Version: 3.24.1 - Tim Kosse)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FOTOKNIHY ONLINE (HKLM-x32\...\FOTOKNIHY ONLINE_FOTOKNIHY ONLINE) (Version: - )
Freemake Video Converter verze 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.12.5268 - Gretech Corporation)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
K-Lite Mega Codec Pack 11.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.5 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Light Image Resizer 4.0.4.3 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.3 - ObviousIdea)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8102 - Acer Incorporated)
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 cs)) (Version: 52.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.0.6270 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8309 - MyHeritage.com)
Noční můra z hlubin: Volání Sirény (HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Noční můra z hlubin: Volání Sirény) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
NVIDIA PhysX v8.05.26 (HKLM-x32\...\{11AE6807-50D2-4F59-82B3-2C3E695E94C2}) (Version: 8.05.26 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3202 - Acer)
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
PlayDance verze 1.0.980 (HKLM-x32\...\{EC8642E4-7CE3-4379-9114-6E34DEF98D58}_is1) (Version: 1.0.980 - VISO SPORT s.r.o.)
PROFIT 2017.02 (HKLM-x32\...\{670A9A20-E29D-40C3-9937-2AFF89C3AC82}_is1) (Version: - LPsoft)
ProgDVB (HKLM-x32\...\ProgDVB) (Version: 7.x - Prog)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.561 (x32 Version: 3.55.2393.561 - Avast Software) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version: - )
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.12 - StepMania)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC Codec Pack 2.0.5 (HKLM-x32\...\VLC - Codec Pack) (Version: 2.0.5 - VLC Codec Pack)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07A00522-35A8-4318-B4F9-58BCA82B4C36} - System32\Tasks\{181CE5D4-D103-47A7-9F24-61B5D5C555D7} => pcalua.exe -a C:\Users\Slamak\Downloads\DDRinstall.exe -d C:\Users\Slamak\Downloads
Task: {1350A46E-6849-45AB-89F5-E8828B4AF74A} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {17660AAA-27C1-41C3-BAC5-ECE9E2DAFC4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {22836ED9-6809-4E92-885D-2A28D0D37D49} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {2295B629-0AA4-49AC-AC9A-EB6EF400D834} - System32\Tasks\SafeZone scheduled Autoupdate 1453580228 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-02-15] (Avast Software)
Task: {2B7492F1-AF9E-41CE-B94C-BC7B98EAEAEB} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2016-07-06] ()
Task: {30CEB371-1E08-4188-8984-BCBF880E86C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-28] (Adobe Systems Incorporated)
Task: {32FD5AA6-2DB8-4649-80F0-3D4AC5D8902A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {39A9F29C-FF8C-4356-AE0E-F09700CA4A9C} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {3A94C1D7-491B-4481-8490-783C66B364D0} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2016-07-06] ()
Task: {40A9C6E6-7422-4660-9971-5FC1201A25FC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-02] (AVAST Software)
Task: {585EC883-F50D-4365-8BB2-421EA561C8F9} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {61BD3CD7-ABE6-444C-AAA2-C5A66B123018} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2016-10-21] ()
Task: {6C6256BD-8C35-4E21-B9EC-1B8157A45CCC} - System32\Tasks\{EDB6CCAF-7385-4F0D-81BB-3907F76463EA} => pcalua.exe -a "C:\Program Files (x86)\WildGames\Uninstall.exe"
Task: {7510DD46-9F1F-47BC-AC21-68BF7D20F90F} - System32\Tasks\{46AC75F9-7279-44FE-B6C8-0D1DB47FE976} => pcalua.exe -a C:\Users\Slamak\Downloads\AZ_AlbumMaker_setup(1).exe -d C:\Users\Slamak\Downloads
Task: {880E63BE-025F-4980-99B1-BE34455CFCF1} - System32\Tasks\{1A614DCE-B283-40EF-8D8F-3F54D8AD6629} => pcalua.exe -a "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" -c scenario=install baseurl="C:\Program Files\Microsoft Office 15" platform=x86 version=15.0.4719.1002 culture=cs-cz productstoremove=O365HomePremRetail_cs-cz_x-none
Task: {C71FF138-48D9-46A8-8610-ADB2640C55D5} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {C836D59B-3725-4582-A701-1D3602BD53BD} - System32\Tasks\avastBCLRestartS-1-5-21-3621977129-2832859686-462106091-1001 => Firefox.exe
Task: {E2645371-307B-4252-8393-D1F4C609C258} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {E404C4BD-2ED7-422E-8E53-5374AFFC1D98} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E79DD6A7-60B0-4E62-BBCB-2D65C360B4B9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-24] (Microsoft Corporation)
Task: {F477C497-7AE6-4D99-ABC8-1ED9726E8AF6} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Slamak\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
Shortcut: C:\Users\Slamak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania\Go To StepMania web site.lnk -> hxxp://www.stepmania.com

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 07:36 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-14 07:36 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 07:36 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-03-28 19:07 - 2016-03-28 19:07 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-21 22:03 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 20:43 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 20:43 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 20:43 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 20:43 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 20:43 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 20:43 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 21:00 - 2017-03-09 01:16 - 00112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-02-15 15:51 - 2017-02-15 15:51 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2012-11-03 01:38 - 2012-11-03 01:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2013-02-08 21:09 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2017-03-02 19:44 - 2017-03-02 19:44 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-03 13:08 - 2016-07-03 13:08 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-02 19:43 - 2017-03-02 19:43 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-02 19:44 - 2017-03-02 19:44 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-02 22:45 - 2017-03-02 22:44 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2017-03-09 19:25 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Slamak\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.154.240.3 - 10.154.240.66
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "Acer Backup Manager Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "RadioController"
HKLM\...\StartupApproved\Run32: => "NtVdmSrv"
HKLM\...\StartupApproved\Run32: => "LManager"
HKLM\...\StartupApproved\Run32: => "Monitor"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "Family Tree Builder Update"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "ProgLauncher"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "GEN"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DA525EAC-6852-482F-AA63-74E18CFA687B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{983CF36B-CB3D-4385-971B-FD79973B6783}] => (Allow) LPort=1900
FirewallRules: [{C20889E0-6A14-404A-BE8A-6309D99072A4}] => (Allow) LPort=2869
FirewallRules: [{9431EEC7-ED77-47CF-A15D-FF8F6E28B0B1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{1EF1063B-344D-4257-81B2-F94ECA4C15BB}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{54DC1741-7570-4420-B713-C0B174C039A9}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{3BCF9347-E346-46E0-B33F-A4BC67D2A2EF}] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{064AD829-5C27-47EF-AE3D-2FC9FA0C2312}] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{7B39F568-61F0-4193-875D-D29EFB358C9F}] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [{13F9C526-59E9-4DE2-BA2C-2320D4C8DBD7}] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{99F5D564-1C52-4ED1-90FF-F546A28BC91E}E:\xampp\apache\bin\httpd.exe] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{4CD18BA7-7FEA-4FC5-9849-F5C422EECF5C}E:\xampp\apache\bin\httpd.exe] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{209C1F0F-6329-458A-B4A6-7DD85D1F1A77}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{A9789E06-29D9-4BCA-AC6E-1484948C3FFD}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{76C5B11D-E3B1-4EA6-9084-3A45E83D0B0E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{54138E86-28AE-4ED8-8835-64438D0A2B9D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{7C0852DB-1D41-4918-AFCA-448A793918F7}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{E2CD2A1C-03FB-455B-9231-AC5C53314E76}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{9842AC32-6485-453D-8FFC-A38E68AE5A84}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{49D6C8F0-2D7A-42CB-86BB-547F812FEF5C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{E8C9F16C-DD0C-45EC-B7CE-D1FA42A123A6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{B98B703E-E1A4-4826-A256-1E06246CFF86}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{4438A42E-CA01-487A-A81F-96AD350C6535}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{A85D8387-645E-44E9-94E1-34AA456EB606}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{BFCFDD45-68EB-4105-8726-73306E3B622A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{33049DF9-DBBD-4769-9505-68649786D112}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{1DCA56D4-AD07-48B8-8297-ABD1F86884C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{DDC7E40F-1333-444F-B1B6-E83D9E46BDD7}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{0765CE9F-2F1D-46EF-BA2D-8035F6F32525}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{787E5484-3AEB-4774-A241-823C0F3D7FC3}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{BE1DCC74-2862-4763-B8E4-73A2264E94C1}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{5CEF367C-579E-4CA3-8269-AA0A5F195804}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{93A5B1E3-0F5F-41E7-AEED-71D9A29FE05E}] => (Allow) LPort=54925
FirewallRules: [{ED95B026-8EE2-48BA-A20C-78F41E095F3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B889CF8-37E5-4CC8-A046-2198B81E3151}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3F197BA-31E7-477E-9BB3-4180D5FEAA98}] => (Allow) C:\Program Files (x86)\Hry.cz\Nightmares from the Deep The Sirens Call\Nocnimurazhlubin_VolaniSireny.exe
FirewallRules: [TCP Query User{82F58A0E-8AC8-483F-85FE-1DD266BB7CF0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{328DF6A7-3A5F-49FD-9071-2666B4016B18}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B1029764-1F37-4419-9554-D6C613B735F8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EA82611E-15D4-4328-8C80-B987426B92D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63BEB568-CDE7-4A80-98B3-911641C9829E}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{30CB0268-27E1-4B48-B980-938917BA621B}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{FE085ABC-22CA-4390-8736-2CA26E883E36}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{952311B2-4BB1-4F48-912D-75986740EF7F}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{6853868E-3294-4265-B6FC-0B31B1EEAF5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F6F4E9A0-1709-4F31-9BD2-A1E011E8D7EE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/13/2017 07:54:51 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
] došlo k chybě.


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
Dotaz na stínové kopie

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Kontext snímku: 13
Kontext snímku: 13
Kontext spuštění: Coordinator

Error: (03/13/2017 07:54:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} a názvem SW_PROV nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
Dotaz na stínové kopie

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Kontext snímku: 13
Kontext snímku: 13
Kontext spuštění: Coordinator

Error: (03/13/2017 04:32:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamservice.exe, verze: 3.1.0.415, časové razítko: 0x5881b7a1
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x5825887f
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002f7db
ID chybujícího procesu: 0x998
Čas spuštění chybující aplikace: 0x01d29b3593358951
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: c33f555b-f0c3-432a-ae7b-4de40e6640cd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/12/2017 08:36:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5369fdea
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.14393.479, časové razítko: 0x58256d37
Kód výjimky: 0xe0434352
Posun chyby: 0x000da832
ID chybujícího procesu: 0x470
Čas spuštění chybující aplikace: 0x01d29b3592c57f4e
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 0f7f6404-fb26-48df-9c12-9c84fde5ac15
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/12/2017 08:36:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentException
na System.Security.Principal.SecurityIdentifier..ctor(System.String)
na FreemakeUtilsService.Common.ToolbarInstallationChecker.GetSidToUsernameDictionary()
na FreemakeUtilsService.Common.ToolbarInstallationChecker.CheckInfo(FreemakeUtilsService.Common.FreemakeToolbarsInfo)
na FreemakeUtilsService.Statistics.Manager.StartToolbarInfoCheck()
na FreemakeUtilsService.Statistics.Manager.SettingsSyncFailed(System.Object, System.EventArgs)
na FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (03/11/2017 07:03:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5369fdea
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.14393.479, časové razítko: 0x58256d37
Kód výjimky: 0xe0434352
Posun chyby: 0x000da832
ID chybujícího procesu: 0x7b4
Čas spuštění chybující aplikace: 0x01d299dab9b03b0e
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 9b232c7f-83ca-456d-93b0-81823692eb21
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/11/2017 07:03:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.ArgumentException
na System.Security.Principal.SecurityIdentifier..ctor(System.String)
na FreemakeUtilsService.Common.ToolbarInstallationChecker.GetSidToUsernameDictionary()
na FreemakeUtilsService.Common.ToolbarInstallationChecker.CheckInfo(FreemakeUtilsService.Common.FreemakeToolbarsInfo)
na FreemakeUtilsService.Statistics.Manager.StartToolbarInfoCheck()
na FreemakeUtilsService.Statistics.Manager.SettingsSyncFailed(System.Object, System.EventArgs)
na FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (03/11/2017 11:35:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SlamakAcer)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/10/2017 08:11:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SlamakAcer)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/10/2017 08:07:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: avgsvca.exe, verze: 1.143.2.51391, časové razítko: 0x584680fd
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.14393.0, časové razítko: 0x578997b5
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000110dd
ID chybujícího procesu: 0x7b0
Čas spuštění chybující aplikace: 0x01d2999cd9aa8f2a
Cesta k chybující aplikaci: C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: ed1cd670-7c12-4db2-befc-9855c85afed2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/13/2017 07:45:53 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba aswbIDSAgent skončila s následující chybou specifickou pro službu:
%%3758213661

Error: (03/13/2017 04:37:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2017 04:32:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Malwarebytes Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/13/2017 04:31:13 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba aswbIDSAgent skončila s následující chybou specifickou pro službu:
%%3758213661

Error: (03/13/2017 01:43:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2017 01:08:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2017 11:37:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2017 07:07:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2017 06:29:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2017 12:04:26 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 48%
Total physical RAM: 3909.28 MB
Available physical RAM: 1996.26 MB
Total Virtual: 10063.01 MB
Available Virtual: 7993.98 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:911.75 GB) (Free:356.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4B1BB8FD)

Partition: GPT.

==================== End of Addition.txt ============================

opet vytvor TXT soubor, ktery pojmenujes fixlist.txt a do nej vloz nasledujici text:

( Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopíruj).

start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:

HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [GEN] => "C:\Users\Slamak\AppData\Local\Programs\GEN\GEN.exe"
C:\Users\Slamak\AppData\Local\Programs\GEN\GEN.exe
U3 kwlcruod; C:\Users\Slamak\AppData\Local\Temp\kwlcruod.sys [56584 2017-03-13] (GMER) [File not signed] <==== ATTENTION
Task: {22836ED9-6809-4E92-885D-2A28D0D37D49} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {C71FF138-48D9-46A8-8610-ADB2640C55D5} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {E404C4BD-2ED7-422E-8E53-5374AFFC1D98} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "GEN"
end

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-03-2017
Ran by Slamak (14-03-2017 19:20:22) Run:2
Running from C:\Users\Slamak\Desktop
Loaded Profiles: Slamak (Available Profiles: Slamak)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:

HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [GEN] => "C:\Users\Slamak\AppData\Local\Programs\GEN\GEN.exe"
C:\Users\Slamak\AppData\Local\Programs\GEN\GEN.exe
U3 kwlcruod; C:\Users\Slamak\AppData\Local\Temp\kwlcruod.sys [56584 2017-03-13] (GMER) [File not signed] <==== ATTENTION
Task: {22836ED9-6809-4E92-885D-2A28D0D37D49} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {C71FF138-48D9-46A8-8610-ADB2640C55D5} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {E404C4BD-2ED7-422E-8E53-5374AFFC1D98} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "GEN"
end
*****************

Error: (0) Failed to create a restore point.
Processes closed successfully.
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GEN => value removed successfully
"C:\Users\Slamak\AppData\Local\Programs\GEN\GEN.exe" => not found.
HKLM\System\CurrentControlSet\Services\kwlcruod => key removed successfully
kwlcruod => service removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22836ED9-6809-4E92-885D-2A28D0D37D49} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22836ED9-6809-4E92-885D-2A28D0D37D49} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C71FF138-48D9-46A8-8610-ADB2640C55D5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C71FF138-48D9-46A8-8610-ADB2640C55D5} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E404C4BD-2ED7-422E-8E53-5374AFFC1D98} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E404C4BD-2ED7-422E-8E53-5374AFFC1D98} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\GEN => value removed successfully
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GEN => value not found.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 57009114 B
Java, Flash, Steam htmlcache => 991 B
Windows/system/drivers => 15389222 B
Edge => 0 B
Chrome => 0 B
Firefox => 375589159 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 16322 B
NetworkService => 0 B
Slamak => 37945674 B

RecycleBin => 268207 B
EmptyTemp: => 463.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:23:00 ====

jak se chova pc?

No, vypadá to OK.

TAk přece něco. Když spustím kalkulačku, nelze na ni psát num. klávesnicí, jen kliky myší.
Taky nejde psát do kolonky vyhledávání ve Win 10, ani písmena ani číslice.

prvne ti zkusim zprovoznit restore pointy na windowsech, ktere jsou nejspis blokovane nejspis nejakou 3ti aplikaci.
original link

1. dej Start->nech si vyhledat REGEDIT a spusti.
2. vyhleje ji nasledujici klic:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\swprv\Parameters

poznamka: Pokud Parameters registry klic chybi, udelej nasledujici kroky:
Pravym mysitkem klikni na swprv , novy->vyber KLIC-> pojmenuj ho Parameters -> enter

3. Once the Parameters registry key is selected, verify that the ServiceDll registry value has the following value:
3. Over, ze klic Parameters ma v hodnote ServiceDll zaznam:

%Systemroot%\System32\swprv.dll

poznamka: Jestli hodnota ServiceDll chybi udelej nasledujici kroky:

a. Prave mysitko na Parameters -> vyber NOVY, vyber Expandable String Value (REG_EXPAND_SZ).
b. pojmenuj ServiceDll -> Enter.
c. Dvojklik na ServiceDll .
d. do kolonky DATA HODNOTY napis %Systemroot%\System32\swprv.dll , -> OK.



EDIT: Po tomto mi zkus dat jeste jednou LOGy z FRST.

Všechny záznamy byly na místě, nemusel jsem nic doplňovat.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Slamak (administrator) on SLAMAKACER (16-03-2017 19:10:28)
Running from C:\Users\Slamak\Desktop
Loaded Profiles: Slamak (Available Profiles: Slamak)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Slamak\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-02-08] (Dritek System Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-02] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [14517936 2016-07-14] (MyHeritage)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [24742760 2016-10-21] (eM Client s.r.o.)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [DAEMON Tools Lite] => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Run: [ProgLauncher] => C:\Program Files (x86)\ProgDVB\ProgLauncher.exe [400584 2016-08-26] ()
IFEO\acpanel_win.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\dtlite.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\googledrivesync.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\myheritage.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\progdvbnet.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\progguide.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\progtv.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\skineditor.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\sptdinst-x64.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-02] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-11-22]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk [2013-11-26]
ShortcutTarget: TrayMenu.lnk -> C:\Windows\SysWOW64\C2MP\TrayMenu.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{5ebae234-8da9-4cf8-be43-1d89008d74f4}: [DhcpNameServer] 10.154.240.3 10.154.240.66
Tcpip\..\Interfaces\{f77bfe06-ae58-4493-81ba-fffbdc2587a6}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope {6A9BB02B-2030-4929-AE57-F965133B84E3} URL =
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621977129-2832859686-462106091-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621977129-2832859686-462106091-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621977129-2832859686-462106091-1001 -> {6A9BB02B-2030-4929-AE57-F965133B84E3} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-12] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default [2017-03-16]
FF user.js: detected! => C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\user.js [2017-03-02]
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\gjyzp0az.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\gjyzp0az.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\gjyzp0az.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\gjyzp0az.default -> hxxps://www.seznam.cz/
FF Extension: (Avast Passwords) - C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2017-02-10]
FF Extension: (Password Exporter) - C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-03-12]
FF SearchPlugin: C:\Users\Slamak\AppData\Roaming\Mozilla\Firefox\Profiles\gjyzp0az.default\searchplugins\seznam-avast.xml [2015-02-17]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-28] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13906
CHR StartupUrls: Default -> "hxxp://websearch.just-browse.info/"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxps://www.google.com/search?q={searchTerms}&i ... hannel=rcs
CHR DefaultSearchKeyword: Default -> google.com_
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?q={searchTerms}
CHR Profile: C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default [2017-03-10]
CHR Extension: (CacheList) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhhdbdhoghppijbjfdkiaconkmfbbpa [2016-11-09]
CHR Extension: (Dokumenty Google) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Disk Google) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-10]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-10]
CHR Extension: (YouTube) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Avast Online Security) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-12-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-10]
CHR Extension: (Avast Passwords) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-02-15]
CHR Extension: (Avast SafePrice) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-10]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-10]
CHR Extension: (Save the Penguin) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinohkicpolgdfgajpflbaoimmnaeibb [2017-02-24]
CHR Extension: (Gmail) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-15]
CHR Extension: (Geoseznam) - C:\Users\Slamak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkejgpgaflkeonkliblcplomemekogop [2016-07-06]
CHR HKU\S-1-5-21-3621977129-2832859686-462106091-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dogdoihocdkadpalbghcpfafbojcfofa] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-02] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-02] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-03-02] (AVAST Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
S4 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S4 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-26] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-07] (Freemake) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-02-08] (Dritek System INC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-02] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-02] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-02] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-02] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-02] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-03-02] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-02] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [461640 2017-03-02] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-02] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-02] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-02] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [547904 2017-03-02] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-02] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-02] (AVAST Software)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2016-07-16] (Broadcom Corporation)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (www.winchiphead.com)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-09-29] (Disc Soft Ltd)
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-02-08] (Dritek System Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-16 19:10 - 2017-03-16 19:11 - 00023021 _____ C:\Users\Slamak\Desktop\FRST.txt
2017-03-16 19:08 - 2017-03-16 19:10 - 02424832 _____ (Farbar) C:\Users\Slamak\Desktop\FRST64.exe
2017-03-16 19:08 - 2017-03-16 19:09 - 00112640 _____ (forum.viry.cz) C:\Users\Slamak\Desktop\FRSTLauncher.exe
2017-03-16 06:53 - 2017-03-16 06:53 - 00009141 _____ C:\Users\Slamak\Downloads\output(6).pdf
2017-03-16 06:52 - 2017-03-16 06:52 - 00074316 _____ C:\Users\Slamak\Downloads\zasilkovna-2017-03-16-1636.pdf
2017-03-16 06:41 - 2017-03-16 06:41 - 00000131 _____ C:\Users\Slamak\Downloads\objednavka_export_16-03-2017-06-41-46.csv
2017-03-16 06:39 - 2017-03-16 06:40 - 00002742 _____ C:\Users\Slamak\Downloads\ordersXML(2).xml
2017-03-15 19:28 - 2017-03-15 19:28 - 00409620 _____ C:\Users\Slamak\Downloads\Bulldog Brewer.pdf
2017-03-15 19:11 - 2017-03-15 19:11 - 00075674 _____ C:\Users\Slamak\Downloads\zasilkovna-2017-03-15-1327.pdf
2017-03-15 19:11 - 2017-03-15 19:11 - 00011002 _____ C:\Users\Slamak\Downloads\output(5).pdf
2017-03-15 15:30 - 2017-03-15 15:30 - 00000219 _____ C:\Users\Slamak\Downloads\objednavka_export_15-03-2017-15-30-33.csv
2017-03-15 15:20 - 2017-03-15 15:20 - 00007118 _____ C:\Users\Slamak\Downloads\ordersXML(1).xml
2017-03-15 11:17 - 2017-03-15 11:17 - 00492917 _____ C:\Users\Slamak\Downloads\manual_-_pivovar-sk(1).pdf
2017-03-15 11:16 - 2017-03-15 11:16 - 00492917 _____ C:\Users\Slamak\Downloads\manual_-_pivovar-sk.pdf
2017-03-15 09:07 - 2017-03-15 09:07 - 00015468 _____ C:\Users\Slamak\Downloads\ordersXML.xml
2017-03-14 23:28 - 2017-03-14 23:28 - 00158059 _____ C:\Users\Slamak\Downloads\EP.pdf
2017-03-14 21:28 - 2017-03-14 21:28 - 00080367 _____ C:\Users\Slamak\Downloads\449570776_0_RocniVypisROS.pdf
2017-03-14 21:22 - 2017-03-14 21:22 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-14 13:13 - 2017-03-14 13:13 - 00009252 _____ C:\Users\Slamak\Downloads\output(4).pdf
2017-03-13 20:09 - 2017-03-13 20:09 - 00009090 _____ C:\Users\Slamak\Downloads\output(3).pdf
2017-03-13 16:00 - 2017-03-13 16:00 - 00371282 _____ C:\Users\Slamak\Downloads\gmer(1).zip
2017-03-13 15:50 - 2017-03-13 15:50 - 00371282 _____ C:\Users\Slamak\Downloads\gmer.zip
2017-03-13 15:39 - 2017-03-13 15:39 - 00075257 _____ C:\Users\Slamak\Downloads\zasilkovna-2017-03-13-1791.pdf
2017-03-13 15:39 - 2017-03-13 15:39 - 00017313 _____ C:\Users\Slamak\Downloads\output(2).pdf
2017-03-13 07:03 - 2017-03-13 07:03 - 00009072 _____ C:\Users\Slamak\Downloads\output(1).pdf
2017-03-13 06:43 - 2017-03-13 06:43 - 00012949 _____ C:\Users\Slamak\Downloads\output.pdf
2017-03-12 16:55 - 2017-03-12 17:15 - 1731911076 _____ C:\Users\Slamak\Downloads\ostravak.ostravski.2016.480p.DVDRip.XVID.AC3.CZ.avi
2017-03-12 16:52 - 2017-03-12 17:27 - 981307392 _____ C:\Users\Slamak\Downloads\Prichozi - Arrival (2016)_cz dab.avi.part
2017-03-12 15:16 - 2017-03-12 15:16 - 00075639 _____ C:\Users\Slamak\Downloads\zasilkovna-2017-03-12-1103.pdf
2017-03-11 20:07 - 2017-03-11 20:07 - 00425906 _____ C:\Users\Slamak\Downloads\483507292.pdf
2017-03-11 20:02 - 2017-03-11 20:02 - 00569168 _____ C:\Users\Slamak\Downloads\489734385.pdf
2017-03-11 20:01 - 2017-03-11 20:01 - 00430352 _____ C:\Users\Slamak\Downloads\486648024.pdf
2017-03-10 21:12 - 2017-03-10 21:13 - 00387172 _____ C:\WINDOWS\Minidump\031017-30937-01.dmp
2017-03-10 21:12 - 2017-03-10 21:12 - 588130465 _____ C:\WINDOWS\MEMORY.DMP
2017-03-10 19:11 - 2017-03-10 19:12 - 00359501 _____ C:\Users\Slamak\Downloads\14436469(1).pdf
2017-03-10 19:08 - 2017-03-10 19:10 - 00359501 _____ C:\Users\Slamak\Downloads\14436469.pdf
2017-03-10 17:13 - 2017-03-08 12:46 - 00025237 _____ C:\Users\Slamak\Desktop\2017-02-28T02-02 Transakce č. 1055832024528472-2355991.pdf
2017-03-10 17:11 - 2017-03-10 17:12 - 00022726 _____ C:\Users\Slamak\Downloads\2017-02-01–2017-02-28_Transakce(1).zip
2017-03-10 13:43 - 2017-03-10 13:48 - 00000000 ____D C:\AdwCleaner
2017-03-09 20:28 - 2017-03-10 07:18 - 00000000 ____D C:\Users\Slamak\Desktop\tisk
2017-03-09 13:30 - 2017-03-16 19:10 - 00000000 ____D C:\FRST
2017-03-09 13:12 - 2017-03-09 13:12 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-09 13:12 - 2017-03-09 13:12 - 00000000 ____D C:\Intel
2017-03-09 07:24 - 2017-03-09 07:24 - 00052736 _____ C:\Users\Slamak\Downloads\GOPAY_112643542-170130-170205.xls
2017-03-09 07:07 - 2017-03-09 07:07 - 00471823 _____ C:\Users\Slamak\Downloads\171019421(1).pdf
2017-03-09 07:06 - 2017-03-09 07:06 - 00471991 _____ C:\Users\Slamak\Downloads\171010674.pdf
2017-03-09 07:06 - 2017-03-09 07:06 - 00471668 _____ C:\Users\Slamak\Downloads\171013755.pdf
2017-03-09 07:06 - 2017-03-09 07:06 - 00470862 _____ C:\Users\Slamak\Downloads\171016549(1).pdf
2017-03-09 01:17 - 2017-03-09 01:17 - 12935296 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 11330576 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 01086408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00975184 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00558728 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00553424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00242800 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00206000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2017-03-09 01:17 - 2017-03-09 01:17 - 00051184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 13046920 _____ (Intel Corporation) C:\WINDOWS\system32\ig4icd64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 10829448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig4icd32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 05925984 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 03529352 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 03139208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00593544 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00560776 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00536664 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00460936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00458376 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457352 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00457344 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455304 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00455304 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00453768 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00453768 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00450184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00449160 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00447112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00446600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00428680 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00402568 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00348808 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00304264 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2017-03-09 01:16 - 2017-03-09 01:16 - 00300128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00276064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00206944 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2017-03-09 01:16 - 2017-03-09 01:16 - 00193160 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00160392 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00145032 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2017-03-09 01:16 - 2017-03-09 01:16 - 00134280 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4459.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00119432 _____ C:\WINDOWS\system32\igdde64.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00099464 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00043144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 00027784 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2017-03-08 21:46 - 2017-03-08 21:46 - 00022725 _____ C:\Users\Slamak\Downloads\2017-02-01–2017-02-28_Transakce.zip
2017-03-08 21:19 - 2017-03-09 19:30 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2017-03-08 20:52 - 2017-03-08 20:52 - 00001284 _____ C:\Users\Slamak\Desktop\Faktury přijaté 2017 – zástupce.lnk
2017-03-08 20:51 - 2017-03-08 20:51 - 00001194 _____ C:\Users\Slamak\Desktop\Texty shop – zástupce.lnk
2017-03-07 19:42 - 2017-03-07 19:42 - 00000000 ____D C:\rsit
2017-03-07 12:16 - 2017-03-07 12:16 - 00000000 ____D C:\Users\Slamak\fUTkALeaTxM
2017-03-07 08:35 - 2017-03-07 08:35 - 00472563 _____ C:\Users\Slamak\Downloads\171022412.pdf
2017-03-06 18:01 - 2017-03-06 18:01 - 00000000 ____D C:\Users\Slamak\AppData\Local\FileZilla
2017-03-06 17:03 - 2017-03-06 17:03 - 00206521 _____ C:\Users\Slamak\Downloads\492092659.PDF
2017-03-06 17:02 - 2017-03-06 17:02 - 00089630 _____ C:\Users\Slamak\Downloads\492092658.PDF
2017-03-06 15:07 - 2017-03-06 15:11 - 00272470 _____ C:\Users\Slamak\Documents\kaplicka v opre.odt
2017-03-04 23:17 - 2017-03-04 23:17 - 00148566 _____ C:\Users\Slamak\Downloads\T8940540.pdf
2017-03-04 20:49 - 2017-03-04 20:50 - 01185889 _____ C:\Users\Slamak\Downloads\2015_Guidelines_Beer.pdf
2017-03-04 16:43 - 2017-03-04 16:58 - 1900460032 _____ C:\Users\Slamak\Downloads\Jokri.avi
2017-03-04 16:42 - 2017-03-04 16:49 - 824785610 _____ C:\Users\Slamak\Downloads\Zilionáři-2016-cz-dab.,super-kvalita.avi
2017-03-04 12:45 - 2017-03-04 12:51 - 914463076 _____ C:\Users\Slamak\Downloads\(cetnici-z-luhacovic)-09-dopis-ze-zahrobi--16'--DVBT_CZ-(romin).avi
2017-03-03 12:49 - 2017-03-03 12:49 - 00362130 _____ C:\Users\Slamak\Downloads\cenik-italie-novy.pdf
2017-03-02 23:36 - 2017-03-07 20:34 - 00003154 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-03-02 22:50 - 2017-03-02 22:50 - 00002594 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-03-02 22:50 - 2017-02-21 09:29 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-03-02 22:47 - 2017-03-02 22:47 - 00000979 _____ C:\Users\Slamak\Desktop\zalohy PROFIT – zástupce.lnk
2017-03-02 22:47 - 2017-03-02 22:47 - 00000943 _____ C:\Users\Public\Desktop\AVG.lnk
2017-03-02 22:47 - 2017-03-02 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2017-03-02 22:45 - 2017-03-15 21:01 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-03-02 22:45 - 2017-03-02 22:50 - 00000000 ____D C:\Program Files (x86)\AVG
2017-03-02 22:44 - 2017-03-02 23:48 - 00000000 ____D C:\Users\Slamak\AppData\Local\AvgSetupLog
2017-03-02 20:32 - 2017-03-02 20:36 - 773026364 _____ C:\Users\Slamak\Downloads\Bezva ženska na krku .2016 komedie cz avi.avi
2017-03-02 19:45 - 2017-03-06 10:37 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-03-02 19:45 - 2017-03-02 19:43 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-03-02 19:45 - 2017-03-02 19:43 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-03-02 19:45 - 2017-03-02 19:43 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-03-02 19:45 - 2017-03-02 19:43 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-03-02 19:44 - 2017-03-02 19:44 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-01 10:53 - 2017-03-01 10:53 - 00216324 _____ C:\Users\Slamak\Downloads\newsletter_3.pdf
2017-03-01 01:56 - 2017-03-01 01:56 - 00085710 _____ C:\Users\Slamak\Downloads\Obchodni podminky www.vyrobtesipivo.cz(1).pdf
2017-03-01 00:14 - 2012-01-19 02:27 - 00000000 ____D C:\Users\Slamak\Documents\tni_product_reviews
2017-03-01 00:11 - 2017-03-01 00:11 - 00012813 _____ C:\Users\Slamak\Downloads\tni_product_reviews RECENZE.zip
2017-02-28 23:17 - 2017-02-28 23:17 - 00402839 _____ C:\Users\Slamak\Downloads\sanicleantl.pdf
2017-02-28 22:26 - 2017-02-28 22:26 - 00305226 _____ C:\Users\Slamak\Downloads\PBW_SDS_EN.pdf
2017-02-28 22:26 - 2017-02-28 22:26 - 00238727 _____ C:\Users\Slamak\Downloads\Star_San_HB_SDS_EN.pdf
2017-02-28 21:56 - 2017-02-28 21:56 - 00471823 _____ C:\Users\Slamak\Downloads\171019421.pdf
2017-02-28 16:32 - 2017-02-28 16:33 - 176296836 _____ C:\Users\Slamak\Downloads\RINO-–-Příběh-špióna.part2.rar
2017-02-28 16:31 - 2017-02-28 16:46 - 2086666240 _____ C:\Users\Slamak\Downloads\RINO-–-Příběh-špióna.part1.rar
2017-02-27 19:24 - 2017-02-27 19:24 - 00050584 _____ C:\Users\Slamak\Downloads\4117048648.pdf
2017-02-27 19:24 - 2017-02-27 19:24 - 00048491 _____ C:\Users\Slamak\Downloads\4017047847.pdf
2017-02-27 19:21 - 2017-02-27 19:21 - 00050611 _____ C:\Users\Slamak\Downloads\4117048644.pdf
2017-02-27 19:21 - 2017-02-27 19:21 - 00048203 _____ C:\Users\Slamak\Downloads\4017047844.pdf
2017-02-27 16:14 - 2017-02-27 16:14 - 00003004 _____ C:\Users\Slamak\Downloads\438894670_1_Autentizační údaje(2).pdf
2017-02-27 11:41 - 2017-02-27 11:42 - 00020893 _____ C:\Users\Slamak\Desktop\Order Stanislav Krejci - vyrobtesipivo.cz.ods
2017-02-27 10:36 - 2017-02-27 10:36 - 00235513 _____ C:\Users\Slamak\Desktop\Brouwland_price_list_C20_July_2016_EN.xlsx
2017-02-25 21:04 - 2017-02-25 21:05 - 00530051 _____ C:\Users\Slamak\Downloads\Cenik-01012017.pdf
2017-02-24 19:35 - 2017-02-24 19:36 - 00061322 _____ C:\Users\Slamak\Downloads\050.270.8 en 050.514.9_SPEC_EN_Bavarian Wheat M20.pdf
2017-02-24 19:35 - 2017-02-24 19:35 - 00083215 _____ C:\Users\Slamak\Downloads\050.270.8.pdf
2017-02-24 15:39 - 2017-02-25 20:21 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Electrum
2017-02-24 15:37 - 2017-02-24 15:37 - 00001080 _____ C:\Users\Slamak\Desktop\Electrum.lnk
2017-02-24 15:37 - 2017-02-24 15:37 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum
2017-02-24 15:37 - 2017-02-24 15:37 - 00000000 ____D C:\Program Files (x86)\Electrum
2017-02-24 15:19 - 2017-02-24 16:16 - 00000074 _____ C:\Users\Slamak\Desktop\Bitcoin.txt
2017-02-24 15:18 - 2017-02-24 15:18 - 00000000 ____D C:\Users\Slamak\Documents\Bitcoin
2017-02-24 15:15 - 2017-02-24 15:16 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\MultiBitHD
2017-02-24 12:53 - 2017-02-24 12:53 - 10262944 _____ C:\Users\Slamak\Downloads\Mangrove Jack's Data Sheets-20170224T115302Z-001.zip
2017-02-23 22:02 - 2017-02-23 22:02 - 00342006 _____ C:\Users\Slamak\Downloads\Kompakt_70l.pdf
2017-02-23 19:59 - 2017-02-23 19:59 - 01816415 _____ C:\Users\Slamak\Downloads\Mangrove Jack's Traditional Series Beer Pouches-20170223T185854Z-001.zip
2017-02-23 19:57 - 2017-02-23 19:58 - 03333638 _____ C:\Users\Slamak\Downloads\Mangrove Jack's Craft Series Yeast-20170223T185729Z-001.zip
2017-02-22 20:46 - 2017-02-22 20:47 - 00100268 _____ C:\Users\Slamak\Desktop\661-1132 Baška Chorvatsko dovolená 2017.htm
2017-02-22 20:46 - 2017-02-22 20:47 - 00000000 ____D C:\Users\Slamak\Desktop\661-1132 Baška Chorvatsko dovolená 2017_soubory
2017-02-22 13:34 - 2017-02-22 13:34 - 07422592 _____ C:\Users\Slamak\Downloads\Katalog_podzim-zima_2016_web.pdf
2017-02-21 18:59 - 2017-02-21 18:59 - 00470854 _____ C:\Users\Slamak\Downloads\171016549.pdf
2017-02-20 22:55 - 2017-02-20 22:55 - 00000444 _____ C:\Users\Slamak\Downloads\csv-ukazka.csv
2017-02-20 16:18 - 2017-02-20 16:39 - 3003922830 _____ C:\Users\Slamak\Downloads\ČETNÍCI-Z-LUHAČOVIC-07.Padělek-FHD-(2017)-CZ-(78PT).avi
2017-02-20 16:14 - 2017-02-20 16:22 - 1063945388 _____ C:\Users\Slamak\Downloads\Bohéma S01E06 - Dvojí tvá_e - TVrip CZserial.avi
2017-02-19 22:04 - 2017-02-19 22:04 - 00045633 _____ C:\Users\Slamak\Downloads\PDFReport.aspx
2017-02-19 18:59 - 2017-02-19 18:59 - 00176219 _____ C:\Users\Slamak\Downloads\plna-moc.pdf
2017-02-19 18:58 - 2017-02-19 18:58 - 00106568 _____ C:\Users\Slamak\Downloads\merkblatt_deutsch.pdf
2017-02-19 18:57 - 2017-02-19 18:57 - 00090301 _____ C:\Users\Slamak\Downloads\StAb-Bau-Fragebg. 2002 - tschech..pdf
2017-02-19 18:56 - 2017-02-19 18:56 - 00018825 _____ C:\Users\Slamak\Downloads\Baustellenübersicht D-CZ.docx(1).pdf
2017-02-19 18:55 - 2017-02-19 18:55 - 00158712 _____ C:\Users\Slamak\Downloads\Fragenbogen CZ.pdf
2017-02-19 18:54 - 2017-02-19 18:55 - 00018825 _____ C:\Users\Slamak\Downloads\Baustellenübersicht D-CZ.docx.pdf
2017-02-19 18:54 - 2017-02-19 18:54 - 00381701 _____ C:\Users\Slamak\Downloads\Ansässigkeitsbescheinigung CZ.pdf
2017-02-18 22:13 - 2017-02-18 22:14 - 67620545 _____ C:\Users\Slamak\Downloads\backup_2017-02-18_22-13.zip
2017-02-18 20:53 - 2017-02-18 20:53 - 00107323 _____ C:\Users\Slamak\Desktop\Pojistka.pdf
2017-02-18 20:51 - 2017-02-18 20:51 - 00102558 _____ C:\Users\Slamak\Downloads\490435551.PDF
2017-02-18 20:15 - 2017-02-18 20:15 - 01377244 _____ C:\Users\Slamak\Downloads\testovaci-ssl-certifikat-thawte.pdf
2017-02-17 07:12 - 2017-02-17 07:12 - 03620092 _____ C:\Users\Slamak\Downloads\UPDATED PRICE LIST VYROBTESIPIVO 08.02.2017.pdf
2017-02-16 16:21 - 2017-02-16 16:32 - 1515676186 _____ C:\Users\Slamak\Downloads\vencep.avi
2017-02-16 16:13 - 2017-02-16 16:30 - 1651857408 _____ C:\Users\Slamak\Downloads\Star Trek Do neznáma.avi
2017-02-14 20:31 - 2017-02-14 21:02 - 1380786652 _____ C:\Users\Slamak\Downloads\Díra u Hanušovic 2014 CZ Film DVDRip.avi
2017-02-14 20:28 - 2017-02-14 20:52 - 1573277696 _____ C:\Users\Slamak\Downloads\Mist_i cz.avi
2017-02-14 20:27 - 2017-02-14 20:54 - 833598328 _____ C:\Users\Slamak\Downloads\Celebrity s.r.o-2016-cz.film-KOMEDIE.avi
2017-02-14 20:25 - 2017-02-14 20:45 - 1156334218 _____ C:\Users\Slamak\Downloads\Brainstorm (2008) _esko Komedie Drama Psychologický.avi
2017-02-14 10:24 - 2017-02-14 10:31 - 1067954768 _____ C:\Users\Slamak\Downloads\Bohema-5.dil-6-Vyhrat-za-kazdou-cenu---12.2.2017.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-16 19:00 - 2014-01-12 13:41 - 00000000 ____D C:\Users\Slamak\Documents\Profit zálohy
2017-03-16 18:17 - 2016-11-18 17:41 - 00000000 ____D C:\Users\Slamak\AppData\LocalLow\Mozilla
2017-03-16 18:15 - 2014-09-21 13:05 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\eM Client
2017-03-16 18:08 - 2015-07-30 12:28 - 00000000 ____D C:\Program Files (x86)\PROFIT
2017-03-16 13:45 - 2016-09-21 03:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-16 07:06 - 2014-02-11 20:05 - 00000000 ____D C:\Users\Slamak\Documents\zalohy PROFIT
2017-03-16 06:43 - 2013-12-29 08:50 - 00000000 ____D C:\Users\Slamak\Documents\exporty profit
2017-03-15 09:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-14 21:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-14 21:27 - 2016-11-21 15:12 - 00014823 _____ C:\Users\Slamak\Desktop\tisk Andrea.odt
2017-03-14 19:24 - 2016-09-21 04:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-14 19:23 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-14 19:22 - 2014-09-29 08:31 - 00000000 ____D C:\Users\Slamak\AppData\LocalLow\Temp
2017-03-11 20:22 - 2016-09-21 04:05 - 00000000 ____D C:\Users\Slamak
2017-03-10 21:29 - 2014-01-29 23:09 - 00000000 ___SD C:\Users\Slamak\Documents\My Web Sites
2017-03-10 21:12 - 2016-10-02 10:02 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-10 13:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-09 14:30 - 2016-09-21 04:34 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-03-09 14:30 - 2016-09-21 04:34 - 00002932 _____ C:\WINDOWS\System32\Tasks\Program k provádění aktualizací online Adobe
2017-03-09 14:26 - 2013-10-12 21:31 - 00000000 ____D C:\Users\Slamak\AppData\Local\CrashDumps
2017-03-09 13:12 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-09 12:40 - 2013-10-05 13:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-09 12:29 - 2014-10-18 16:12 - 00000000 ____D C:\Users\Slamak\Documents\eM Client
2017-03-09 12:20 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-09 06:45 - 2016-05-29 21:30 - 00071809 _____ C:\Users\Slamak\Desktop\Pivni_vypocty2.ods
2017-03-09 01:17 - 2015-06-01 21:01 - 13182528 _____ (Intel Corporation) C:\WINDOWS\system32\igd10umd64.dll
2017-03-09 01:17 - 2015-06-01 21:01 - 11460448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 09025672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 05382856 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2017-03-09 01:16 - 2015-06-01 21:00 - 00463960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2017-03-09 01:16 - 2015-06-01 21:00 - 00456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2017-03-09 01:16 - 2015-06-01 21:00 - 00420960 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2017-03-09 01:16 - 2015-06-01 21:00 - 00193112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2017-03-09 01:16 - 2015-06-01 21:00 - 00128648 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 00112264 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2017-03-09 01:16 - 2015-06-01 21:00 - 00082056 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.dll
2017-03-08 20:52 - 2013-10-05 14:12 - 00000000 ____D C:\Users\Slamak\Documents\Dokumenty Eshop
2017-03-08 13:50 - 2014-09-24 20:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-07 19:42 - 2014-11-16 21:45 - 00000000 ____D C:\Program Files\trend micro
2017-03-07 12:16 - 2014-06-27 19:35 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Oracle
2017-03-06 18:02 - 2013-10-05 14:32 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\FileZilla
2017-03-06 18:01 - 2013-10-05 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2017-03-06 18:01 - 2013-10-05 14:32 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2017-03-06 12:15 - 2014-12-20 21:12 - 00000000 ___RD C:\Users\Slamak\Documents\Scanned Documents
2017-03-04 13:15 - 2015-02-25 18:13 - 00000000 ____D C:\ProgramData\AlawarWrapper
2017-03-04 10:20 - 2014-09-12 20:51 - 00000000 ____D C:\FOTOONLINE
2017-03-03 21:47 - 2014-12-26 06:16 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-03 20:25 - 2014-12-13 12:24 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-03 20:14 - 2016-01-08 08:18 - 00004608 _____ C:\6XSourceFilter.grf
2017-03-03 13:58 - 2017-01-26 19:40 - 00028200 _____ C:\Users\Slamak\Desktop\Nákupy.ods
2017-03-02 23:39 - 2016-09-21 04:34 - 00003188 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-02 23:35 - 2013-10-22 19:50 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Skype
2017-03-02 23:35 - 2013-10-05 17:54 - 00000000 ____D C:\Users\Slamak\AppData\Local\Microsoft Help
2017-03-02 23:35 - 2012-11-22 13:05 - 00000000 ____D C:\ProgramData\Temp
2017-03-02 23:34 - 2016-09-21 04:55 - 00000000 ___DC C:\WINDOWS\Panther
2017-03-02 23:34 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-03-02 22:50 - 2014-05-17 16:17 - 00000000 ____D C:\Users\Slamak\AppData\Local\AVG
2017-03-02 22:47 - 2013-12-27 07:47 - 00000000 ____D C:\ProgramData\AVG
2017-03-02 20:21 - 2016-06-15 17:24 - 00000000 ____D C:\temp
2017-03-02 20:19 - 2016-09-21 04:34 - 00004012 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1453580228
2017-03-02 20:19 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-02 20:19 - 2016-01-23 21:17 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-02 20:00 - 2015-09-24 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-03-02 20:00 - 2015-09-24 18:49 - 00000000 ____D C:\Program Files (x86)\7-Zip
2017-03-02 19:44 - 2014-12-26 06:19 - 00547904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-02 19:44 - 2014-12-26 06:19 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-02 19:43 - 2016-02-24 08:26 - 00461640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-03-02 19:43 - 2015-03-08 12:36 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-02 19:43 - 2014-12-26 06:19 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-01 10:57 - 2013-10-05 13:37 - 00001228 _____ C:\Users\Slamak\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2017-03-01 00:02 - 2013-10-05 22:37 - 00000000 ____D C:\Users\Slamak\Documents\ESHOP
2017-02-28 07:08 - 2014-08-25 07:57 - 00000000 ____D C:\Users\Slamak\AppData\Local\Adobe
2017-02-28 07:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-28 07:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-27 07:43 - 2016-11-03 14:47 - 00000287 _____ C:\Users\Slamak\Desktop\Nový textový dokument (2).txt
2017-02-27 06:48 - 2012-11-22 13:04 - 00000000 ____D C:\Program Files (x86)\NTI
2017-02-27 06:48 - 2012-11-22 13:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-27 06:43 - 2014-12-24 19:39 - 00000000 ____D C:\Garmin
2017-02-27 06:42 - 2013-10-22 19:50 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 06:40 - 2014-05-29 14:00 - 00000000 ____D C:\ProgramData\Nero
2017-02-27 06:35 - 2017-01-30 22:06 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Foxit Software
2017-02-27 06:35 - 2014-12-29 10:17 - 00000000 ___RD C:\Users\Slamak\OneDrive
2017-02-27 06:34 - 2017-01-30 22:06 - 00000000 ____D C:\ProgramData\Foxit Software
2017-02-24 15:17 - 2017-01-02 19:21 - 00000000 ____D C:\Users\Slamak\AppData\Roaming\Bitcoin
2017-02-24 14:36 - 2015-07-30 12:28 - 00001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PROFIT.lnk
2017-02-24 14:36 - 2015-07-30 12:28 - 00001052 _____ C:\Users\Public\Desktop\PROFIT.lnk
2017-02-24 14:36 - 2015-07-30 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LPsoft PROFIT
2017-02-24 07:24 - 2013-11-02 18:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 07:19 - 2013-11-02 18:58 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 18:38 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 13:41 - 2016-04-13 18:39 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2014-03-05 20:33 - 2014-05-21 19:10 - 0000056 _____ () C:\Users\Slamak\AppData\Local\Images.fl
2014-01-11 19:50 - 2016-09-11 18:29 - 0007602 _____ () C:\Users\Slamak\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

Light Image Resizer 4.0.4.3 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.3 - ObviousIdea)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Slamak\Desktop" je 32 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Slamak (16-03-2017 19:12:52)
Running from C:\Users\Slamak\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-21 03:53:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3621977129-2832859686-462106091-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3621977129-2832859686-462106091-503 - Limited - Disabled)
Guest (S-1-5-21-3621977129-2832859686-462106091-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3621977129-2832859686-462106091-1003 - Limited - Enabled)
Slamak (S-1-5-21-3621977129-2832859686-462106091-1001 - Administrator - Enabled) => C:\Users\Slamak

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM-x32\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
AC-3 ACM Codec 2.2 (HKLM-x32\...\AC3ACM) (Version: 2.2 - fccHandler)
AC-3 ACM Codec x64 2.2 (HKLM\...\AC3ACM) (Version: 2.2 - fccHandler)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3015 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Akrem studio (HKLM-x32\...\Akrem studio_Akrem studio) (Version: - )
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.4 - Arduino LLC)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.74.1 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
BlazeHDTV 6.0 (HKLM-x32\...\BlazeHDTV 6.0_is1) (Version: - )
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.96 - Broadcom Corporation)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
Brother MFL-Pro Suite DCP-7055W (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3112 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}) (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - CZ (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.1.0.843 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.1 - Corel Corporation) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
CzechRep_by_Dave_Luv (HKLM-x32\...\CzechRep_by_Dave_Luv) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Electrum (HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Electrum) (Version: 2.7.18 - Electrum Technologies GmbH)
eM Client (HKLM-x32\...\{2A4CAF55-4B18-4B61-BE9E-94A54209F547}) (Version: 7.0.27943.0 - eM Client Inc.)
FileZilla Client 3.24.1 (HKLM-x32\...\FileZilla Client) (Version: 3.24.1 - Tim Kosse)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FOTOKNIHY ONLINE (HKLM-x32\...\FOTOKNIHY ONLINE_FOTOKNIHY ONLINE) (Version: - )
Freemake Video Converter verze 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.12.5268 - Gretech Corporation)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
K-Lite Mega Codec Pack 11.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.5 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Light Image Resizer 4.0.4.3 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.3 - ObviousIdea)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8102 - Acer Incorporated)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 52.0 (x86 cs)) (Version: 52.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.0.6270 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8309 - MyHeritage.com)
Noční můra z hlubin: Volání Sirény (HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\Noční můra z hlubin: Volání Sirény) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
NVIDIA PhysX v8.05.26 (HKLM-x32\...\{11AE6807-50D2-4F59-82B3-2C3E695E94C2}) (Version: 8.05.26 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3202 - Acer)
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
PlayDance verze 1.0.980 (HKLM-x32\...\{EC8642E4-7CE3-4379-9114-6E34DEF98D58}_is1) (Version: 1.0.980 - VISO SPORT s.r.o.)
PROFIT 2017.02 (HKLM-x32\...\{670A9A20-E29D-40C3-9937-2AFF89C3AC82}_is1) (Version: - LPsoft)
ProgDVB (HKLM-x32\...\ProgDVB) (Version: 7.x - Prog)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.561 (x32 Version: 3.55.2393.561 - Avast Software) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version: - )
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.12 - StepMania)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC Codec Pack 2.0.5 (HKLM-x32\...\VLC - Codec Pack) (Version: 2.0.5 - VLC Codec Pack)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07A00522-35A8-4318-B4F9-58BCA82B4C36} - System32\Tasks\{181CE5D4-D103-47A7-9F24-61B5D5C555D7} => pcalua.exe -a C:\Users\Slamak\Downloads\DDRinstall.exe -d C:\Users\Slamak\Downloads
Task: {1350A46E-6849-45AB-89F5-E8828B4AF74A} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {17660AAA-27C1-41C3-BAC5-ECE9E2DAFC4F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2295B629-0AA4-49AC-AC9A-EB6EF400D834} - System32\Tasks\SafeZone scheduled Autoupdate 1453580228 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-02-15] (Avast Software)
Task: {2B7492F1-AF9E-41CE-B94C-BC7B98EAEAEB} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2016-07-06] ()
Task: {30CEB371-1E08-4188-8984-BCBF880E86C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-28] (Adobe Systems Incorporated)
Task: {32FD5AA6-2DB8-4649-80F0-3D4AC5D8902A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {39A9F29C-FF8C-4356-AE0E-F09700CA4A9C} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {3A94C1D7-491B-4481-8490-783C66B364D0} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2016-07-06] ()
Task: {40A9C6E6-7422-4660-9971-5FC1201A25FC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-02] (AVAST Software)
Task: {585EC883-F50D-4365-8BB2-421EA561C8F9} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {61BD3CD7-ABE6-444C-AAA2-C5A66B123018} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2016-10-21] ()
Task: {6C6256BD-8C35-4E21-B9EC-1B8157A45CCC} - System32\Tasks\{EDB6CCAF-7385-4F0D-81BB-3907F76463EA} => pcalua.exe -a "C:\Program Files (x86)\WildGames\Uninstall.exe"
Task: {7510DD46-9F1F-47BC-AC21-68BF7D20F90F} - System32\Tasks\{46AC75F9-7279-44FE-B6C8-0D1DB47FE976} => pcalua.exe -a C:\Users\Slamak\Downloads\AZ_AlbumMaker_setup(1).exe -d C:\Users\Slamak\Downloads
Task: {880E63BE-025F-4980-99B1-BE34455CFCF1} - System32\Tasks\{1A614DCE-B283-40EF-8D8F-3F54D8AD6629} => pcalua.exe -a "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" -c scenario=install baseurl="C:\Program Files\Microsoft Office 15" platform=x86 version=15.0.4719.1002 culture=cs-cz productstoremove=O365HomePremRetail_cs-cz_x-none
Task: {C836D59B-3725-4582-A701-1D3602BD53BD} - System32\Tasks\avastBCLRestartS-1-5-21-3621977129-2832859686-462106091-1001 => Firefox.exe
Task: {E2645371-307B-4252-8393-D1F4C609C258} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {E79DD6A7-60B0-4E62-BBCB-2D65C360B4B9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-24] (Microsoft Corporation)
Task: {F477C497-7AE6-4D99-ABC8-1ED9726E8AF6} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Slamak\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com
Shortcut: C:\Users\Slamak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StepMania\Go To StepMania web site.lnk -> hxxp://www.stepmania.com

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 07:36 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-14 07:36 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 07:36 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-03-28 19:07 - 2016-03-28 19:07 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-21 22:03 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 20:43 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 20:43 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 20:43 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 20:43 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 20:43 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 20:43 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 21:00 - 2017-03-09 01:16 - 00112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2013-02-08 21:09 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00427008 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Mail\01672ae7c7afb9bd6c248780924ab646\MailClient.Mail.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00884736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HTMLEditorControl\14042f7cacb7349f4177945047b9d325\HTMLEditorControl.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00250368 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1d52ed9e#\4752696212f458517254b48565824574\MailClient.Collections.ni.dll
2016-09-25 18:29 - 2016-09-25 18:29 - 00552960 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\LinqBridge\be7f4a9f2c42f4114e467843b6edacc2\LinqBridge.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 02072576 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Accounts\0ef2c7406dfad904ff5b15434ca778c1\MailClient.Accounts.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00445952 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Storage\a6c4da91296c1b2722242ba4bf900879\MailClient.Storage.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 02297856 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Common.UI\4eb7635be70c13df4c90d117cd472e7a\MailClient.Common.UI.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00020480 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Interop\37fddd51705d8ba64729fd21a24f53e8\MailClient.Interop.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 03458048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Protocols\e1f4ab2cbaa22fa905dc181e9a02f80b\MailClient.Protocols.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 02324992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Xilium.CefGlue\2cb3d507c7b81167657634ad1b3e94f3\Xilium.CefGlue.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00095232 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WinApi\1087b36941fb59d72516a5da4161926c\WinApi.ni.dll
2016-09-21 15:40 - 2016-09-21 15:40 - 55719424 _____ () C:\Program Files (x86)\eM Client\libcef.DLL
2016-09-21 15:39 - 2016-09-21 15:39 - 00871936 _____ () C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00075264 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Threading\2c48367896661f8a05b59f0c391a2b88\MailClient.Threading.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00088576 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Streams\2fb5ac0a0311a3b23ae464f787bd4f4c\MailClient.Streams.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00579584 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1fd7a4e5#\5e914ec4f789317eba301304e8c200c2\MailClient.Storage.Mail.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00101376 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.b2c914c9#\44565897bd391d05e1d685891afe8d17\MailClient.Storage.Folders.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00046592 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Commands\22fef55274139b1ffd65c0befd05ae40\MailClient.Commands.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00048640 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.5331ec95#\9554a055f06b61be8e8a33feb56881ca\MailClient.Storage.Attachment.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00260608 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.6df617c9#\0958828a4d56ad43f774cb0157bc6f1a\MailClient.Storage.Schedule.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00231936 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.f2c61d2c#\5ac5347a5ad381b7788f730dcf211591\MailClient.Storage.Contact.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00074240 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.9a79bc48#\8bf96278e5de3c98e6067a3161e39f09\MailClient.Storage.IM.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00577024 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Schedule\fab297db3fd7a78e51ab91ec13b6ed39\MailClient.Schedule.ni.dll
2016-09-25 18:30 - 2016-09-25 18:30 - 00082944 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\1e373d482a3d65870cd646f07486ff6f\SystemCoreTimeZone.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00031744 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.4824fbfc#\70e92322dd4a49a9f098b1dd46edf810\MailClient.Storage.Category.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00087552 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.d8481e79#\8858d391b653ff8ddacdf458cd9ef3d5\MailClient.Storage.Certificate.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00031232 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.c1d859fa#\fc1dc6d64b98a30cb489beddb109ad14\MailClient.Storage.Security.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00027136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.c3eb0b89#\941b94f000f443220b0a8c844a44a8ca\MailClient.Storage.Snippet.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00035840 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.319ca19c#\3411f9e5358aa60dc40ad8c9d328271c\MailClient.Storage.Template.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00023040 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.IM\63f202338b1bdd297c19232f0c37de23\MailClient.IM.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00030208 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1fe73d22#\4caf6c30886e599ffdfe0f3d25aa5de3\MailClient.Storage.Rule.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00020992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.ff7bbfa2#\b78f7303721488d4e0acfc18ba25dab0\MailClient.Attachment.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00412160 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Contact\87f1d1d8ff3f0cc4bffc7f79f4fc5a0f\MailClient.Contact.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00075264 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Xilium.CefG0f485e28#\4c910c9b6edbf2edf4e70a40a90477fa\Xilium.CefGlue.WindowsForms.ni.dll
2017-02-09 11:41 - 2017-02-09 11:41 - 00027136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.a758b3a0#\75dbf0e62cbb0d61224f1efa288707bb\MailClient.Storage.Widget.ni.dll
2016-09-25 18:30 - 2016-09-25 18:30 - 01567744 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\d7e36651ac19471a87dbdf681093ecad\WindowsAPICodePack.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00095744 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Sasl\57c43e06e4105185d97de1fa4f13d703\MailClient.Sasl.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00253440 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Imap.Base\6226d0ab9b6873fb964742ae9fa2f66c\MailClient.Imap.Base.ni.dll
2017-02-09 11:40 - 2017-02-09 11:40 - 00041472 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.2d2de33e#\a6e2c2ce679ca60df8e30e94c2819150\MailClient.HtmlConversion.ni.dll
2017-03-02 19:44 - 2017-03-02 19:44 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-03 13:08 - 2016-07-03 13:08 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-02 19:43 - 2017-03-02 19:43 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-02 19:44 - 2017-03-02 19:44 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-02 22:45 - 2017-03-02 22:44 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2017-03-09 19:25 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3621977129-2832859686-462106091-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Slamak\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "Acer Backup Manager Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "RadioController"
HKLM\...\StartupApproved\Run32: => "NtVdmSrv"
HKLM\...\StartupApproved\Run32: => "LManager"
HKLM\...\StartupApproved\Run32: => "Monitor"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "Family Tree Builder Update"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3621977129-2832859686-462106091-1001\...\StartupApproved\Run: => "ProgLauncher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DA525EAC-6852-482F-AA63-74E18CFA687B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{983CF36B-CB3D-4385-971B-FD79973B6783}] => (Allow) LPort=1900
FirewallRules: [{C20889E0-6A14-404A-BE8A-6309D99072A4}] => (Allow) LPort=2869
FirewallRules: [{9431EEC7-ED77-47CF-A15D-FF8F6E28B0B1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{1EF1063B-344D-4257-81B2-F94ECA4C15BB}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{54DC1741-7570-4420-B713-C0B174C039A9}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{3BCF9347-E346-46E0-B33F-A4BC67D2A2EF}] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{064AD829-5C27-47EF-AE3D-2FC9FA0C2312}] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{7B39F568-61F0-4193-875D-D29EFB358C9F}] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [{13F9C526-59E9-4DE2-BA2C-2320D4C8DBD7}] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{99F5D564-1C52-4ED1-90FF-F546A28BC91E}E:\xampp\apache\bin\httpd.exe] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{4CD18BA7-7FEA-4FC5-9849-F5C422EECF5C}E:\xampp\apache\bin\httpd.exe] => (Allow) E:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{209C1F0F-6329-458A-B4A6-7DD85D1F1A77}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{A9789E06-29D9-4BCA-AC6E-1484948C3FFD}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{76C5B11D-E3B1-4EA6-9084-3A45E83D0B0E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{54138E86-28AE-4ED8-8835-64438D0A2B9D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{7C0852DB-1D41-4918-AFCA-448A793918F7}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{E2CD2A1C-03FB-455B-9231-AC5C53314E76}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{9842AC32-6485-453D-8FFC-A38E68AE5A84}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{49D6C8F0-2D7A-42CB-86BB-547F812FEF5C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{E8C9F16C-DD0C-45EC-B7CE-D1FA42A123A6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{B98B703E-E1A4-4826-A256-1E06246CFF86}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{4438A42E-CA01-487A-A81F-96AD350C6535}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{A85D8387-645E-44E9-94E1-34AA456EB606}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{BFCFDD45-68EB-4105-8726-73306E3B622A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{33049DF9-DBBD-4769-9505-68649786D112}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{1DCA56D4-AD07-48B8-8297-ABD1F86884C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{DDC7E40F-1333-444F-B1B6-E83D9E46BDD7}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{0765CE9F-2F1D-46EF-BA2D-8035F6F32525}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{787E5484-3AEB-4774-A241-823C0F3D7FC3}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{BE1DCC74-2862-4763-B8E4-73A2264E94C1}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{5CEF367C-579E-4CA3-8269-AA0A5F195804}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{93A5B1E3-0F5F-41E7-AEED-71D9A29FE05E}] => (Allow) LPort=54925
FirewallRules: [{ED95B026-8EE2-48BA-A20C-78F41E095F3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B889CF8-37E5-4CC8-A046-2198B81E3151}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3F197BA-31E7-477E-9BB3-4180D5FEAA98}] => (Allow) C:\Program Files (x86)\Hry.cz\Nightmares from the Deep The Sirens Call\Nocnimurazhlubin_VolaniSireny.exe
FirewallRules: [TCP Query User{82F58A0E-8AC8-483F-85FE-1DD266BB7CF0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{328DF6A7-3A5F-49FD-9071-2666B4016B18}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B1029764-1F37-4419-9554-D6C613B735F8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EA82611E-15D4-4328-8C80-B987426B92D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63BEB568-CDE7-4A80-98B3-911641C9829E}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{30CB0268-27E1-4B48-B980-938917BA621B}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{FE085ABC-22CA-4390-8736-2CA26E883E36}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{952311B2-4BB1-4F48-912D-75986740EF7F}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{6853868E-3294-4265-B6FC-0B31B1EEAF5A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F6F4E9A0-1709-4F31-9BD2-A1E011E8D7EE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2017 07:14:27 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
] došlo k chybě.


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
Dotaz na stínové kopie

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Kontext snímku: 13
Kontext snímku: 13
Kontext spuštění: Coordinator

Error: (03/16/2017 07:14:27 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} a názvem SW_PROV nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
Dotaz na stínové kopie

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Kontext snímku: 13
Kontext snímku: 13
Kontext spuštění: Coordinator

Error: (03/15/2017 08:38:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: SlamakAcer)
Description: Balíček Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (03/14/2017 07:22:03 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Users\Slamak\Desktop\FRST64.exe; Popis = Restore Point Created by FRST; Chyba = 0x8004230f).

Error: (03/14/2017 07:21:58 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
] došlo k chybě.


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zkontrolovat, zda poskytovatel podporuje svazek
Přidat svazek k sadě stínových kopií

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {00000000-0000-0000-0000-000000000000}
Kontext snímku: 4194317
Kontext spuštění: Coordinator
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
Název svazku: \\?\Volume{1e8a02e0-dd41-4ffc-806f-931e1bf7dbfa}\
Kontext spuštění: Coordinator

Error: (03/14/2017 07:21:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} a názvem SW_PROV nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zkontrolovat, zda poskytovatel podporuje svazek
Přidat svazek k sadě stínových kopií

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {00000000-0000-0000-0000-000000000000}
Kontext snímku: 4194317
Kontext spuštění: Coordinator
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
Název svazku: \\?\Volume{1e8a02e0-dd41-4ffc-806f-931e1bf7dbfa}\
Kontext spuštění: Coordinator

Error: (03/14/2017 07:21:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (03/14/2017 07:21:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny GetProviderMgmtInterface došlo k neočekávané chybě. hr= 0x8004230f, Při pokusu o zpracování určené operace došlo k neočekávané chybě zprostředkovatele stínové kopie.
.

Error: (03/14/2017 07:21:49 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
] došlo k chybě.


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Získávání rozhraní správy zprostředkovatele

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {00000000-0000-0000-0000-000000000000}
Kontext snímku: -1
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (03/14/2017 07:21:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} a názvem SW_PROV nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Získávání rozhraní správy zprostředkovatele

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {00000000-0000-0000-0000-000000000000}
Kontext snímku: -1
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}


System errors:
=============
Error: (03/16/2017 06:07:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2017 05:01:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2017 03:33:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2017 01:57:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/16/2017 07:07:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/15/2017 10:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/15/2017 09:40:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/15/2017 09:10:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/15/2017 07:58:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/15/2017 07:52:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 50%
Total physical RAM: 3909.28 MB
Available physical RAM: 1920.57 MB
Total Virtual: 4613.28 MB
Available Virtual: 2428.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:911.75 GB) (Free:362.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4B1BB8FD)

Partition: GPT.

==================== End of Addition.txt ============================

opet vytvor TXT soubor, ktery pojmenujes fixlist.txt a do nej vloz nasledujici text:

start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:

CHR StartupUrls: Default -> "hxxp://websearch.just-browse.info/"
end

Žádná změna



Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Slamak (18-03-2017 12:28:54) Run:3
Running from C:\Users\Slamak\Desktop
Loaded Profiles: Slamak (Available Profiles: Slamak)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:

CHR StartupUrls: Default -> "hxxp://websearch.just-browse.info/"
end



*****************

Error: (0) Failed to create a restore point.
Processes closed successfully.
Chrome StartupUrls => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 51897800 B
Java, Flash, Steam htmlcache => 2906 B
Windows/system/drivers => 321798 B
Edge => 0 B
Chrome => 0 B
Firefox => 340794913 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 6530 B
NetworkService => 0 B
Slamak => 35503977 B

RecycleBin => 379534793 B
EmptyTemp: => 770.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:31:55 ====