VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=153962

Stránka 1 z 1

Prosím o kontrolu logu

Napsal: 17 bře 2018 11:36
od Roman78
Dobrý den, chtěl bych poprosit o kontrolu logu. Zdá se mi, že i když mám spuštěnou jednu internetovou stránku, tak jede paměť přes 80 procent. Nebo například píšu text a na chvíli musím vždy zastavit než se text dopíše. Celkově je můj notebook jakoby zamrznutý. Moc děkuji za pomoc.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Roman Janas (17-03-2018 11:27:04)
Running from C:\Users\ROMAN JANAS\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-11-13 22:43:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3828099873-3605611314-608352903-500 - Administrator - Disabled)
Guest (S-1-5-21-3828099873-3605611314-608352903-501 - Limited - Disabled)
Roman Janas (S-1-5-21-3828099873-3605611314-608352903-1000 - Administrator - Enabled) => C:\Users\Roman Janas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 10.0.390.0 (Enabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus 10.0.390.0 (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark03 (HKLM-x32\...\{FF35F637-72B9-43BE-A281-06EB2854393A}) (Version: 3.6.2 - Futuremark Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
American Conquest (HKLM-x32\...\American Conquest) (Version: - )
Apowersoft Online Launcher verze 1.6.1 (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.6.1 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.149 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.149 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CoD 2 čeština (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S]al!er!)
Counter-Strike 1.6 (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\Counter-Strike 1.6) (Version: - )
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DjVu Viewer (HKLM-x32\...\{3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1) (Version: - djvuviewer.com)
Document Express DjVu Plug-in (HKLM\...\{63D38589-F9D9-4851-A37F-E142A8D14A32}) (Version: 6.1.35472 - Cuminas Corporation)
Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - )
ESET NOD32 Antivirus (HKLM\...\{D44F6B96-987A-47FF-AC37-4C82CD9DAE15}) (Version: 10.0.386.1 - ESET, spol. s r.o.)
Facebook Gameroom 1.8.6429.23271 (HKLM-x32\...\{D71E0CAE-F4B3-499E-B515-396B02139A39}) (Version: 1.8.6429.23271 - Facebook)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.1.1115 - Foxit Software Inc.)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.162 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HL-2130 (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
HP Battery Check (HKLM-x32\...\HP Battery Check) (Version: 4.3.2.2 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{7C3170E8-E61A-41D9-8547-8E96445EA510}) (Version: 12.8.47.1 - HP Inc.)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.3268 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0 (x64 en-US)) (Version: 60.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.0.6648 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{6D45EF03-E8EE-4355-81C3-F918CBCF1029}) (Version: 8.3.309 - Nero AG)
Nero 9 Essentials (HKLM-x32\...\{6c2cf816-e4bb-4610-87b9-856901d3e81b}) (Version: - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{59C6E86A-14A9-47FD-9EE8-8D9DA864E0AF}) (Version: 12.5.01300 - Nero AG)
NeroVision Express 3 (HKLM-x32\...\NeroVision!UninstallKey) (Version: - )
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Roblox Player for Roman Janas (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
ROBLOX Studio for Roman Janas (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Ruská - rozložení jako latinka (1.1.1) (HKLM\...\{99CD43A2-7D5D-48C9-AF37-D42202648235}) (Version: 1.0.3.40 - Đonny)
SCR3xxx Smart Card Reader (HKLM-x32\...\{6DA99C69-0799-467E-9496-F37E1E452A4A}) (Version: 8.40 - SCM Microsystems)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\SeznamInstall) (Version: 2.1.30 - Seznam.cz)
Služba Xperia Companion (HKLM\...\{86C9336F-6376-4E86-A09A-EA7177DEC3D5}) (Version: 1.7.2.0 - Sony) Hidden
Sothink FLV Player (HKLM-x32\...\{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1) (Version: 2.3 - SourceTec Software Co., LTD)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.112 - Crawler Group)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streaming Audio Recorder V4.1.8 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.1.8 - APOWERSOFT LIMITED)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
Unity Web Player (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{058506CE-4E1C-4087-878E-61D8B5F8F47A}) (Version: 1.7.2.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{65415473-2761-4ee3-85c1-5fdf086444c6}) (Version: 1.7.2.0 - Sony)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1704.2.22 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG)
ContextMenuHandlers1-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers1-x32: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers1-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-06] (Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02C34753-094D-45C5-B82A-1231BD30BE2A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {0EC8968F-2476-4D90-82C5-565B8E0E7EC9} - System32\Tasks\{7EA5EC10-EEFB-4000-87DD-9778FBCEF30C} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\Call of Duty 2 CZ\Call of Duty 2 CZ\DirectX\dxsetup.exe" -d "C:\Users\Roman Janas\Downloads\Call of Duty 2 CZ\Call of Duty 2 CZ\DirectX"
Task: {2A58DC17-19EC-4FB3-A407-00BAB1B84702} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {45E133AD-F3D6-4724-9B2A-E0FB074C5B22} - System32\Tasks\{3F6A2BFC-3047-4CF3-89BC-A29E1652FB8B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\sp62061.exe" -d "C:\Users\Roman Janas\Downloads"
Task: {4C7501B3-EDB2-4AC2-A669-FFAB5E70930D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5098A890-9F05-4F8F-B3FC-7AAB3654857C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {529AC17D-2297-40E3-91DC-8596953083FA} - System32\Tasks\{FC01EA8F-F8E7-4543-B09F-1144EF6FE8A2} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1\American Conquest CZ 1.1.exe" -d "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1"
Task: {591977A4-F903-4B01-99CD-AE20DD52943C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2018-02-10] (AVAST Software)
Task: {5BFA3B3F-EFFC-4245-B006-FF3B2194F62F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {7E0EDAC2-BCE8-4D84-A6AE-EFC3B937B228} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {8B026742-D86A-4B93-B241-D6E11AEACF08} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {912B34B5-D34C-439C-9972-B69CFA2FD199} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {9B2246EA-2BFE-4414-819D-64C57E6855BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {B8282474-E1BA-46B8-B6BF-35E58F8B83E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {BDAAB309-8685-4637-8740-F3DCBCD762D6} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3828099873-3605611314-608352903-1000 => C:\Users\Roman Janas\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {C1E4FA27-9505-441F-90DB-4CA61A97D864} - System32\Tasks\{0F98F8EB-2B09-460D-938F-56E7ADA6B423} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1\Extractor.exe" -d "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1"
Task: {D13FCAB9-68CF-4458-BE58-118F8FD04C73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: {F63DA266-AD03-446F-8650-BB47EE2AB5D4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {F97C00F0-D83F-4ACC-8744-F0FB4A745340} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {FF4E2E25-9E9B-4B70-BADE-6E44DADEF849} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-03-16 15:08 - 2017-03-16 15:08 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-16 15:08 - 2017-03-16 15:08 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-03-17 10:43 - 2017-11-13 15:46 - 000092368 _____ () C:\Users\Roman Janas\AppData\Roaming\Seznam.cz\bin\1515libfoxloader-x64.dll
2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-15 04:42 - 2014-01-15 04:42 - 000351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-11-14 14:38 - 2013-10-26 10:45 - 000651856 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
2013-10-17 22:28 - 2013-10-17 22:28 - 000028672 _____ () C:\WINDOWS\SYSTEM32\VALWBFPOLICYSERVICE.EXE
2018-03-02 22:32 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 000094208 _____ () C:\WINDOWS\SYSTEM32\IccLibDll_x64.dll
2017-03-27 11:20 - 2017-03-27 11:20 - 001354040 _____ () C:\PROGRAM FILES\ITUNES\libxml2.dll
2017-03-27 11:20 - 2017-03-27 11:20 - 000092472 _____ () C:\PROGRAM FILES\ITUNES\zlib1.dll
2016-11-23 18:17 - 2017-11-13 15:38 - 000506064 _____ () C:\USERS\ROMAN JANAS\APPDATA\ROAMING\SEZNAM.CZ\BIN\SZNDESKTOP.EXE
2016-11-23 18:17 - 2017-02-08 12:39 - 000080576 _____ () C:\USERS\ROMAN JANAS\APPDATA\ROAMING\SEZNAM.CZ\BIN\LISTICKA-X64.EXE
2016-11-14 14:38 - 2013-08-31 06:44 - 002417152 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2016-11-14 14:38 - 2009-01-10 19:32 - 000011362 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2016-11-14 14:38 - 2009-06-23 03:42 - 000043008 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2016-11-14 14:38 - 2013-08-31 06:46 - 001148416 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2017-08-06 07:56 - 2014-05-13 11:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-08-06 07:56 - 2014-05-13 11:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-08-06 07:56 - 2014-05-13 11:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-08-06 07:56 - 2012-08-23 09:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-08-06 07:56 - 2012-04-03 16:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2017-08-08 12:02 - 2017-08-08 12:02 - 001157632 _____ () C:\Users\Roman Janas\AppData\Local\Facebook\Games\CefSharp.Core.dll
2017-08-08 12:02 - 2017-08-08 12:02 - 068178432 _____ () C:\Users\Roman Janas\AppData\Local\Facebook\Games\libcef.dll
2018-03-17 10:43 - 2017-11-13 15:49 - 000085200 _____ () C:\Users\Roman Janas\AppData\Roaming\Seznam.cz\bin\1515libfoxloader.dll
2017-09-10 21:51 - 2017-09-10 21:51 - 000798208 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\libsodium.dll
2016-11-14 18:30 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-08-08 12:02 - 2017-08-08 12:02 - 000748032 _____ () C:\Users\Roman Janas\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2017-08-08 12:02 - 2017-08-08 12:02 - 002246144 _____ () C:\Users\Roman Janas\AppData\Local\Facebook\Games\libglesv2.dll
2017-08-08 12:02 - 2017-08-08 12:02 - 000079360 _____ () C:\Users\Roman Janas\AppData\Local\Facebook\Games\libegl.dll
2016-11-23 18:17 - 2015-05-26 12:38 - 000862888 _____ () C:\Users\Roman Janas\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2016-11-23 18:17 - 2016-11-01 09:53 - 000995840 _____ () C:\Users\Roman Janas\AppData\Roaming\Seznam.cz\bin\libchinst.dll
2017-10-18 22:58 - 2017-10-18 22:58 - 000570368 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3828099873-3605611314-608352903-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman Janas\Pictures\Picasa\Pozadí\picasabackground-003.bmp
DNS Servers: 185.67.189.2 - 185.67.189.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7DBA6CB1-0A17-409E-9034-8902FDB42699}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{46489C85-7D26-4805-B582-4E753CB23196}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{045568EF-4348-46CC-98BB-6CB9C82D28CB}C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe] => (Block) C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe
FirewallRules: [UDP Query User{7ECF431F-DD36-4892-AE2A-7B2852C2F5ED}C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe] => (Block) C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe
FirewallRules: [TCP Query User{7823293F-855B-4782-BBED-33EFFDAE2C83}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{6483C747-616A-4E21-AD8D-F5E5FC1EB477}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{106AF63B-B002-4696-BC11-F9AE5A65AB78}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{64B321F8-DE8C-4A4C-867A-7F94C270ED25}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{5AB69803-682A-4966-8D85-F94EA5D2F3C4}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{4F083AD1-652A-4F2B-A3C1-5A4FEC36D9AA}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{7F6DF90E-EFA2-4E35-928D-7C6D0751711A}] => (Allow) LPort=80
FirewallRules: [{EFD269CF-104E-4C4D-8C54-7DA0646EBFE6}] => (Allow) LPort=443
FirewallRules: [{460D3937-BFD5-47B4-91A2-1AA48B5F2CB1}] => (Allow) LPort=20010
FirewallRules: [{1297A868-1975-490B-A628-015249D0CF56}] => (Allow) LPort=3478
FirewallRules: [{285005C4-B9CF-4621-A23E-D586F934058E}] => (Allow) LPort=7850
FirewallRules: [{5287D3D8-603F-4571-8442-2FC5FC236B21}] => (Allow) LPort=7852
FirewallRules: [{8467964D-96AD-4649-8CBD-7B3FE5AA54AE}] => (Allow) LPort=7853
FirewallRules: [{DA498C50-8BB5-4B9C-B184-45034BE50922}] => (Allow) LPort=27022
FirewallRules: [{F01CFDB2-44D3-478E-A95B-08873F89AF83}] => (Allow) LPort=6881
FirewallRules: [{6E9C0245-6DC0-4566-A1FE-7A5894A4AB23}] => (Allow) LPort=33333
FirewallRules: [{0E48C419-9AAF-4274-BAAD-4BF0C632EE36}] => (Allow) LPort=20443
FirewallRules: [{B319979B-47A8-44D3-9ACA-FE28F6D49250}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{D4B3546E-4393-4D0D-9C2F-5912F66EB92B}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{B3F8893B-4D34-4F48-82D9-35EDA24379F2}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{E5441FAF-F14F-4605-84DE-54F27D3FA171}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [UDP Query User{8CDA41D3-A187-47FD-91A9-680FF8D291A2}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [TCP Query User{F8D6ECF2-2158-42B4-8C5C-F05812B77640}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Allow) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{199ECE93-372D-4BCF-9B7D-723AC005F861}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Allow) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [{4B95ECF2-3D34-4174-AA66-A999524AC735}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{2E55B530-C375-45BB-9D9B-5655774F0875}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{95489A16-8394-4B80-9E65-7D9AB5A99C30}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{446ED07F-2C24-43AC-A17A-2E97127B6558}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{9300D633-0B77-4383-A4CF-BA6EEBD99826}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A27FEED3-A574-4092-AB57-B384FE191354}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0CD1EC2B-1285-4CD6-8183-FB2F7ECF6905}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C0BAEAEA-58D9-44A7-925A-2DAB4F14EB3C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{094C1709-C1BE-4EF9-9233-62AF1954F60B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{E9EDB444-882C-4072-A1D5-FDFB9B50CF2B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{CF0C9139-0066-4D91-809B-3DF2D918E65B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{4638E5C9-C851-4B88-B08E-E0A01809CB30}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Block) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{9BC50027-5531-498E-8ABF-175F346F87CA}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Block) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [{4848FDCA-B426-4E6C-AADF-3D2560BA2839}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{8C9EB861-1322-4026-BBBF-CAA6C828F4EC}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{ABE6EC94-2FE3-46F4-8177-FB01E2F2C7B6}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{6B329426-C7AC-4353-9352-875310338CB5}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{3086C94F-A6A2-4F35-9241-DF4D2566429B}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [TCP Query User{ED87B26F-CE04-4465-A068-0696134F375A}C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [UDP Query User{D015BF35-04DB-4C7E-BB44-868FA83F70B3}C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [{CE5F6A2C-23D6-4E33-BF18-FADDD756F855}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C5CEB7B-9349-4B11-BC98-03C0E1933888}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{39C5558F-DA7E-43A7-8F9E-78D88FA53C3E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{732518DB-11B1-4AFE-B990-5FDF49F51E6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E0674AC1-ADE5-475C-BCB7-83192B7351E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Larva Mortus\larvamortus.exe
FirewallRules: [{E2343E49-7969-4D4A-AE2F-45700CEB28E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Larva Mortus\larvamortus.exe
FirewallRules: [{24FD85B3-567A-45DB-831F-685ABDAFB4E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7E81CBA5-B0A3-43EC-9BA5-AC539E0B4D17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CDE7D0BF-D022-43C8-9ACF-E2451F076ECF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

23-01-2018 17:19:26 Naplánovaný kontrolní bod
24-02-2018 13:14:56 Naplánovaný kontrolní bod
17-03-2018 09:24:17 Removed Call of Duty(R) 2
17-03-2018 09:50:59 Removed Medal of Honor Airborne Demo

==================== Faulty Device Manager Devices =============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2018 11:30:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SpywareTerminatorUpdate.exe, verze: 3.0.1.111, časové razítko: 0x58a4530a
Název chybujícího modulu: TorrentDll.dll, verze: 3.0.0.1, časové razítko: 0x4dbe5f67
Kód výjimky: 0xc0000417
Posun chyby: 0x00132780
ID chybujícího procesu: 0x1274
Čas spuštění chybující aplikace: 0x01d3bd5471ab8027
Cesta k chybující aplikaci: C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Spyware Terminator\TorrentDll.dll
ID zprávy: aa2060b6-2969-11e8-9646-70f395cc9f9f

Error: (02/24/2018 07:58:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EXPLORER.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdf25
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000003c967
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d3ada04ba9ff1b
Cesta k chybující aplikaci: C:\WINDOWS\EXPLORER.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\DUI70.dll
ID zprávy: c1de7427-1994-11e8-803e-70f395cc9f9f

Error: (02/24/2018 07:58:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EXPLORER.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdf25
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003c967
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d3ada04ba9ff1b
Cesta k chybující aplikaci: C:\WINDOWS\EXPLORER.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\DUI70.dll
ID zprávy: a2d3adfb-1994-11e8-803e-70f395cc9f9f

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8144

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8144

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2018 08:26:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7114

Error: (01/23/2018 08:26:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7114


System errors:
=============
Error: (03/17/2018 10:48:38 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 09:48:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/17/2018 09:48:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (03/17/2018 09:48:38 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 09:23:55 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: Nelze spustit DCOM Server: {B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE} jako /. Došlo k chybě:
%%740 = Požadovaná operace vyžaduje zvýšená oprávnění.
při provádění příkazu:
C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding

Error: (03/17/2018 09:04:44 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 08:05:34 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 08:05:28 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.


CodeIntegrity:
===================================

Date: 2017-09-11 14:28:26.393
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-11 14:28:25.982
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-11 14:28:25.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:24.025
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:23.689
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:23.290
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-05 16:01:51.847
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-05 16:01:51.455
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz
Percentage of memory in use: 79%
Total physical RAM: 3887.43 MB
Available physical RAM: 785.86 MB
Total Virtual: 7773.04 MB
Available Virtual: 3591.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.47 GB) (Free:32.83 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:15 GB) (Free:14.93 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32

\\?\Volume{4f9b778f-a9f1-11e6-ada3-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AEDA26BE)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

Re: Prosím o kontrolu logu

Napsal: 17 bře 2018 12:41
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Prosím o kontrolu logu

Napsal: 17 bře 2018 13:02
od Roman78
Nový log
# AdwCleaner 7.0.8.0 - Logfile created on Sat Mar 17 11:53:14 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-3828099873-3605611314-608352903-1000\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-3828099873-3605611314-608352903-1000\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Plugin deleted: Hover Zoom -
Plugin deleted: Google Input Tools -
SearchProvider deleted: delta-homes - delta-homes
SearchProvider deleted: delta-homes - delta-homes
SearchProvider deleted: Slunečnice - slunecnice.cz
SearchProvider deleted: omiga-plus - omiga-plus


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1801 B] - [2018/3/17 11:49:23]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Re: Prosím o kontrolu logu

Napsal: 17 bře 2018 15:34
od Rudy
Dejte nový log FRST+Additional.

Re: Prosím o kontrolu logu

Napsal: 17 bře 2018 17:24
od Roman78
Nový log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Roman Janas (17-03-2018 17:21:52)
Running from C:\Users\ROMAN JANAS\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-11-13 22:43:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3828099873-3605611314-608352903-500 - Administrator - Disabled)
Guest (S-1-5-21-3828099873-3605611314-608352903-501 - Limited - Disabled)
Roman Janas (S-1-5-21-3828099873-3605611314-608352903-1000 - Administrator - Enabled) => C:\Users\Roman Janas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 10.0.390.0 (Enabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus 10.0.390.0 (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark03 (HKLM-x32\...\{FF35F637-72B9-43BE-A281-06EB2854393A}) (Version: 3.6.2 - Futuremark Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
American Conquest (HKLM-x32\...\American Conquest) (Version: - )
Apowersoft Online Launcher verze 1.6.1 (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.6.1 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.149 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.149 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CoD 2 čeština (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S]al!er!)
Counter-Strike 1.6 (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\Counter-Strike 1.6) (Version: - )
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DjVu Viewer (HKLM-x32\...\{3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1) (Version: - djvuviewer.com)
Document Express DjVu Plug-in (HKLM\...\{63D38589-F9D9-4851-A37F-E142A8D14A32}) (Version: 6.1.35472 - Cuminas Corporation)
Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - )
ESET NOD32 Antivirus (HKLM\...\{D44F6B96-987A-47FF-AC37-4C82CD9DAE15}) (Version: 10.0.386.1 - ESET, spol. s r.o.)
Facebook Gameroom 1.8.6429.23271 (HKLM-x32\...\{D71E0CAE-F4B3-499E-B515-396B02139A39}) (Version: 1.8.6429.23271 - Facebook)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.1.1115 - Foxit Software Inc.)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.162 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HL-2130 (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
HP Battery Check (HKLM-x32\...\HP Battery Check) (Version: 4.3.2.2 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{7C3170E8-E61A-41D9-8547-8E96445EA510}) (Version: 12.8.47.1 - HP Inc.)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.3268 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0 (x64 en-US)) (Version: 60.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.0.6648 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{6D45EF03-E8EE-4355-81C3-F918CBCF1029}) (Version: 8.3.309 - Nero AG)
Nero 9 Essentials (HKLM-x32\...\{6c2cf816-e4bb-4610-87b9-856901d3e81b}) (Version: - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{59C6E86A-14A9-47FD-9EE8-8D9DA864E0AF}) (Version: 12.5.01300 - Nero AG)
NeroVision Express 3 (HKLM-x32\...\NeroVision!UninstallKey) (Version: - )
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Roblox Player for Roman Janas (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
ROBLOX Studio for Roman Janas (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Ruská - rozložení jako latinka (1.1.1) (HKLM\...\{99CD43A2-7D5D-48C9-AF37-D42202648235}) (Version: 1.0.3.40 - Đonny)
SCR3xxx Smart Card Reader (HKLM-x32\...\{6DA99C69-0799-467E-9496-F37E1E452A4A}) (Version: 8.40 - SCM Microsystems)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\SeznamInstall) (Version: 2.1.30 - Seznam.cz)
Služba Xperia Companion (HKLM\...\{86C9336F-6376-4E86-A09A-EA7177DEC3D5}) (Version: 1.7.2.0 - Sony) Hidden
Sothink FLV Player (HKLM-x32\...\{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1) (Version: 2.3 - SourceTec Software Co., LTD)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.112 - Crawler Group)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streaming Audio Recorder V4.1.8 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.1.8 - APOWERSOFT LIMITED)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
Unity Web Player (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{058506CE-4E1C-4087-878E-61D8B5F8F47A}) (Version: 1.7.2.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{65415473-2761-4ee3-85c1-5fdf086444c6}) (Version: 1.7.2.0 - Sony)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1704.2.22 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG)
ContextMenuHandlers1-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers1-x32: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers1-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-06] (Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02C34753-094D-45C5-B82A-1231BD30BE2A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {0EC8968F-2476-4D90-82C5-565B8E0E7EC9} - System32\Tasks\{7EA5EC10-EEFB-4000-87DD-9778FBCEF30C} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\Call of Duty 2 CZ\Call of Duty 2 CZ\DirectX\dxsetup.exe" -d "C:\Users\Roman Janas\Downloads\Call of Duty 2 CZ\Call of Duty 2 CZ\DirectX"
Task: {2A58DC17-19EC-4FB3-A407-00BAB1B84702} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {45E133AD-F3D6-4724-9B2A-E0FB074C5B22} - System32\Tasks\{3F6A2BFC-3047-4CF3-89BC-A29E1652FB8B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\sp62061.exe" -d "C:\Users\Roman Janas\Downloads"
Task: {4C7501B3-EDB2-4AC2-A669-FFAB5E70930D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5098A890-9F05-4F8F-B3FC-7AAB3654857C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {529AC17D-2297-40E3-91DC-8596953083FA} - System32\Tasks\{FC01EA8F-F8E7-4543-B09F-1144EF6FE8A2} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1\American Conquest CZ 1.1.exe" -d "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1"
Task: {591977A4-F903-4B01-99CD-AE20DD52943C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2018-02-10] (AVAST Software)
Task: {5BFA3B3F-EFFC-4245-B006-FF3B2194F62F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {7E0EDAC2-BCE8-4D84-A6AE-EFC3B937B228} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {8B026742-D86A-4B93-B241-D6E11AEACF08} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {912B34B5-D34C-439C-9972-B69CFA2FD199} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {9B2246EA-2BFE-4414-819D-64C57E6855BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {B8282474-E1BA-46B8-B6BF-35E58F8B83E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {BDAAB309-8685-4637-8740-F3DCBCD762D6} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3828099873-3605611314-608352903-1000 => C:\Users\Roman Janas\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {C1E4FA27-9505-441F-90DB-4CA61A97D864} - System32\Tasks\{0F98F8EB-2B09-460D-938F-56E7ADA6B423} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1\Extractor.exe" -d "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1"
Task: {D13FCAB9-68CF-4458-BE58-118F8FD04C73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: {F63DA266-AD03-446F-8650-BB47EE2AB5D4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {F97C00F0-D83F-4ACC-8744-F0FB4A745340} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {FF4E2E25-9E9B-4B70-BADE-6E44DADEF849} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-03-16 15:08 - 2017-03-16 15:08 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-16 15:08 - 2017-03-16 15:08 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-15 04:42 - 2014-01-15 04:42 - 000351824 _____ () C:\PROGRAMDATA\DATACARDSERVICE\HWDEVICESERVICE64.EXE
2016-11-14 14:38 - 2013-10-26 10:45 - 000651856 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
2013-10-17 22:28 - 2013-10-17 22:28 - 000028672 _____ () C:\WINDOWS\SYSTEM32\VALWBFPOLICYSERVICE.EXE
2018-03-02 22:32 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-01-10 21:12 - 2012-01-10 21:12 - 000094208 _____ () C:\WINDOWS\SYSTEM32\IccLibDll_x64.dll
2016-11-14 14:38 - 2013-08-31 06:44 - 002417152 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2016-11-14 14:38 - 2009-01-10 19:32 - 000011362 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2016-11-14 14:38 - 2009-06-23 03:42 - 000043008 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2016-11-14 14:38 - 2013-08-31 06:46 - 001148416 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2017-08-06 07:56 - 2014-05-13 11:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-08-06 07:56 - 2014-05-13 11:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-08-06 07:56 - 2014-05-13 11:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-08-06 07:56 - 2012-08-23 09:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-08-06 07:56 - 2012-04-03 16:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-11-14 18:30 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-10-18 22:58 - 2017-10-18 22:58 - 000570368 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3828099873-3605611314-608352903-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman Janas\Pictures\Picasa\Pozadí\picasabackground-003.bmp
DNS Servers: 185.67.189.2 - 185.67.189.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7DBA6CB1-0A17-409E-9034-8902FDB42699}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{46489C85-7D26-4805-B582-4E753CB23196}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{045568EF-4348-46CC-98BB-6CB9C82D28CB}C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe] => (Block) C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe
FirewallRules: [UDP Query User{7ECF431F-DD36-4892-AE2A-7B2852C2F5ED}C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe] => (Block) C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe
FirewallRules: [TCP Query User{7823293F-855B-4782-BBED-33EFFDAE2C83}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{6483C747-616A-4E21-AD8D-F5E5FC1EB477}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{106AF63B-B002-4696-BC11-F9AE5A65AB78}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{64B321F8-DE8C-4A4C-867A-7F94C270ED25}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{5AB69803-682A-4966-8D85-F94EA5D2F3C4}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{4F083AD1-652A-4F2B-A3C1-5A4FEC36D9AA}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{7F6DF90E-EFA2-4E35-928D-7C6D0751711A}] => (Allow) LPort=80
FirewallRules: [{EFD269CF-104E-4C4D-8C54-7DA0646EBFE6}] => (Allow) LPort=443
FirewallRules: [{460D3937-BFD5-47B4-91A2-1AA48B5F2CB1}] => (Allow) LPort=20010
FirewallRules: [{1297A868-1975-490B-A628-015249D0CF56}] => (Allow) LPort=3478
FirewallRules: [{285005C4-B9CF-4621-A23E-D586F934058E}] => (Allow) LPort=7850
FirewallRules: [{5287D3D8-603F-4571-8442-2FC5FC236B21}] => (Allow) LPort=7852
FirewallRules: [{8467964D-96AD-4649-8CBD-7B3FE5AA54AE}] => (Allow) LPort=7853
FirewallRules: [{DA498C50-8BB5-4B9C-B184-45034BE50922}] => (Allow) LPort=27022
FirewallRules: [{F01CFDB2-44D3-478E-A95B-08873F89AF83}] => (Allow) LPort=6881
FirewallRules: [{6E9C0245-6DC0-4566-A1FE-7A5894A4AB23}] => (Allow) LPort=33333
FirewallRules: [{0E48C419-9AAF-4274-BAAD-4BF0C632EE36}] => (Allow) LPort=20443
FirewallRules: [{B319979B-47A8-44D3-9ACA-FE28F6D49250}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{D4B3546E-4393-4D0D-9C2F-5912F66EB92B}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{B3F8893B-4D34-4F48-82D9-35EDA24379F2}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{E5441FAF-F14F-4605-84DE-54F27D3FA171}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [UDP Query User{8CDA41D3-A187-47FD-91A9-680FF8D291A2}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [TCP Query User{F8D6ECF2-2158-42B4-8C5C-F05812B77640}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Allow) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{199ECE93-372D-4BCF-9B7D-723AC005F861}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Allow) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [{4B95ECF2-3D34-4174-AA66-A999524AC735}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{2E55B530-C375-45BB-9D9B-5655774F0875}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{95489A16-8394-4B80-9E65-7D9AB5A99C30}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{446ED07F-2C24-43AC-A17A-2E97127B6558}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{9300D633-0B77-4383-A4CF-BA6EEBD99826}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A27FEED3-A574-4092-AB57-B384FE191354}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0CD1EC2B-1285-4CD6-8183-FB2F7ECF6905}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C0BAEAEA-58D9-44A7-925A-2DAB4F14EB3C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{094C1709-C1BE-4EF9-9233-62AF1954F60B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{E9EDB444-882C-4072-A1D5-FDFB9B50CF2B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{CF0C9139-0066-4D91-809B-3DF2D918E65B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{4638E5C9-C851-4B88-B08E-E0A01809CB30}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Block) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{9BC50027-5531-498E-8ABF-175F346F87CA}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Block) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [{4848FDCA-B426-4E6C-AADF-3D2560BA2839}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{8C9EB861-1322-4026-BBBF-CAA6C828F4EC}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{ABE6EC94-2FE3-46F4-8177-FB01E2F2C7B6}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{6B329426-C7AC-4353-9352-875310338CB5}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{3086C94F-A6A2-4F35-9241-DF4D2566429B}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [TCP Query User{ED87B26F-CE04-4465-A068-0696134F375A}C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [UDP Query User{D015BF35-04DB-4C7E-BB44-868FA83F70B3}C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [{CE5F6A2C-23D6-4E33-BF18-FADDD756F855}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C5CEB7B-9349-4B11-BC98-03C0E1933888}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{39C5558F-DA7E-43A7-8F9E-78D88FA53C3E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{732518DB-11B1-4AFE-B990-5FDF49F51E6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E0674AC1-ADE5-475C-BCB7-83192B7351E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Larva Mortus\larvamortus.exe
FirewallRules: [{E2343E49-7969-4D4A-AE2F-45700CEB28E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Larva Mortus\larvamortus.exe
FirewallRules: [{24FD85B3-567A-45DB-831F-685ABDAFB4E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7E81CBA5-B0A3-43EC-9BA5-AC539E0B4D17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CDE7D0BF-D022-43C8-9ACF-E2451F076ECF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

23-01-2018 17:19:26 Naplánovaný kontrolní bod
24-02-2018 13:14:56 Naplánovaný kontrolní bod
17-03-2018 09:24:17 Removed Call of Duty(R) 2
17-03-2018 09:50:59 Removed Medal of Honor Airborne Demo

==================== Faulty Device Manager Devices =============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2018 11:30:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SpywareTerminatorUpdate.exe, verze: 3.0.1.111, časové razítko: 0x58a4530a
Název chybujícího modulu: TorrentDll.dll, verze: 3.0.0.1, časové razítko: 0x4dbe5f67
Kód výjimky: 0xc0000417
Posun chyby: 0x00132780
ID chybujícího procesu: 0x1274
Čas spuštění chybující aplikace: 0x01d3bd5471ab8027
Cesta k chybující aplikaci: C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Spyware Terminator\TorrentDll.dll
ID zprávy: aa2060b6-2969-11e8-9646-70f395cc9f9f

Error: (02/24/2018 07:58:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EXPLORER.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdf25
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000003c967
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d3ada04ba9ff1b
Cesta k chybující aplikaci: C:\WINDOWS\EXPLORER.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\DUI70.dll
ID zprávy: c1de7427-1994-11e8-803e-70f395cc9f9f

Error: (02/24/2018 07:58:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EXPLORER.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdf25
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003c967
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d3ada04ba9ff1b
Cesta k chybující aplikaci: C:\WINDOWS\EXPLORER.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\DUI70.dll
ID zprávy: a2d3adfb-1994-11e8-803e-70f395cc9f9f

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8144

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8144

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2018 08:26:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7114

Error: (01/23/2018 08:26:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7114


System errors:
=============
Error: (03/17/2018 05:10:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/17/2018 05:10:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (03/17/2018 05:10:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 05:10:09 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 01:46:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/17/2018 12:55:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/17/2018 12:55:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (03/17/2018 12:55:02 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.


CodeIntegrity:
===================================

Date: 2017-09-11 14:28:26.393
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-11 14:28:25.982
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-11 14:28:25.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:24.025
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:23.689
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:23.290
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-05 16:01:51.847
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-05 16:01:51.455
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz
Percentage of memory in use: 45%
Total physical RAM: 3887.43 MB
Available physical RAM: 2104.71 MB
Total Virtual: 7773.04 MB
Available Virtual: 5973.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.47 GB) (Free:31.32 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:15 GB) (Free:14.93 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32

\\?\Volume{4f9b778f-a9f1-11e6-ada3-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AEDA26BE)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

Re: Prosím o kontrolu logu

Napsal: 17 bře 2018 18:08
od Rudy
Rudy píše:Dejte nový log FRST+Additional.
Toto je pouze additional.

Re: Prosím o kontrolu logu

Napsal: 17 bře 2018 18:19
od Roman78
Omlouvám se, tady je.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Roman Janas (administrator) on ROMANJANAS-PC (17-03-2018 18:14:15)
Running from C:\Users\ROMAN JANAS\Desktop
Loaded Profiles: Roman Janas (Available Profiles: Roman Janas)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
() C:\Windows\System32\valWBFPolicyService.exe
(Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Roman Janas\Downloads\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [7032320 2016-11-14] (Broadcom Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (IDT, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKLM\...\RunOnce: [NCInstallQueue] => rundll32 netman.dll,ProcessQueue
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {02a7555e-aa6e-11e6-9df0-70f395cc9f9f} - G:\AutoRun.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {02a7556c-aa6e-11e6-9df0-70f395cc9f9f} - H:\AutoRun.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {21656a8e-b3f6-11e6-be46-70f395cc9f9f} - G:\SETUP.EXE
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {364afc2f-27e4-11e7-b625-70f395cc9f9f} - H:\startme.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {7a185352-34bc-11e7-afaf-806e6f6e6963} - H:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {937affd2-a057-11e7-81f4-806e6f6e6963} - H:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 185.67.189.2 185.67.189.4 8.8.8.8 192.168.0.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{40DCD0B9-030E-417E-B7A3-DC8AA7362DB7}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{4859693B-4DB1-41C2-9E5E-386A7BDB91E5}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{753B067A-F864-43F2-985C-F572FE2A3264}: [DhcpNameServer] 185.67.189.2 185.67.189.4 8.8.8.8 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {12EF96A6-F80C-4E28-B0F6-843101296C70} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {156B038D-1C90-414B-A111-194B8A28B42A} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {4DA5A8BB-3EBC-4D0E-ADDC-DAED74A27C64} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {7E1D1F3B-2046-48D3-8D4A-5200DF7E62A9} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {852013E6-A2AE-4705-8B24-AF3162E4E34A} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {93574883-556C-4BFE-B9A5-61E4569C9EB2} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {C7C34F9D-3771-43E5-9B5D-BA285C5C68B4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {CA0E9F8E-1984-413E-BF70-4EA64B8EACB1} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-3828099873-3605611314-608352903-1000 -> {FC813F90-9AD3-431A-A1FB-F23FA3EE43C4} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_28314
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard64.dll [2017-03-16] (Crawler Group, LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard.dll [2017-03-16] (Crawler Group, LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)

FireFox:
========
FF DefaultProfile: rt69lvcy.default
FF ProfilePath: C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default [2018-03-17]
FF Homepage: Mozilla\Firefox\Profiles\rt69lvcy.default -> hxxps://www.google.cz/
FF Extension: (FindBar Tweak) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\fbt@quicksaver.xpi [2017-01-28] [Legacy]
FF Extension: (Google search link fix) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2018-01-11]
FF Extension: (Instant Translate: Select and Translate) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\jid1-TMndP6cdKgxLcQ@jetpack.xpi [2017-09-29]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\sko-extension@firma.seznam.cz [2018-03-17]
FF Extension: (Google Translator for Firefox) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\translator@zoli.bod.xpi [2018-01-02]
FF Extension: (YouTube High Definition) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2018-01-02]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2018-03-17]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Roman Janas\AppData\Roaming\Mozilla\Firefox\Profiles\rt69lvcy.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-16] ()
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2016-10-26] (Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-16] ()
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2016-12-27] ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-09] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3828099873-3605611314-608352903-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Roman Janas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-03-23]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.cz/","hxxp://google.cz/","ww ... oogle.com/"
CHR Profile: C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default [2018-03-17]
CHR Extension: (Prezentace) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-30]
CHR Extension: (Dokumenty) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-30]
CHR Extension: (Task Timer) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomfjmibjhhfdenfkpaodhnlhkolngif [2017-09-17]
CHR Extension: (Disk Google) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-17]
CHR Extension: (Fotor Photo Editor) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf [2017-09-17]
CHR Extension: (Zhasnout světla) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2018-03-16]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-01-23]
CHR Extension: (YouTube) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-17]
CHR Extension: (Guitar Tuner) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhglmpmegfnbclojedloihcbkemoiddi [2017-09-17]
CHR Extension: (Gmail Offline) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2017-09-17]
CHR Extension: (bílý šum) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkjpdnomgodmagfmhojepjlajpoicip [2018-03-16]
CHR Extension: (Box) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2017-09-17]
CHR Extension: (Hodiny pro Google Chrome ™) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg [2017-09-17]
CHR Extension: (Photovisi - Photo Collage Maker) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\emkkfkcbnpdnhgeolpbggbdogfngiadf [2017-09-17]
CHR Extension: (YoWindow Počasí Zdarma) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef [2017-09-17]
CHR Extension: (Tabulky) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-30]
CHR Extension: (Stupeflix Video Maker) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkdmcfnoimoilncpjchamnenebopocem [2017-09-17]
CHR Extension: (Stopky / časovač) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh [2018-01-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-18]
CHR Extension: (Planetarium) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2017-09-17]
CHR Extension: (AdBlock) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-16]
CHR Extension: (DocuSign - Secure Electronic Signature) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\goblijolcnempeilmnkmfbhohlpngemd [2017-09-17]
CHR Extension: (365Scores) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gocaejggjgdmkhmbinicknpbhagkblop [2017-09-17]
CHR Extension: (TiltShiftMaker) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjofhgnhekhkccpcnnloagmdpafifeo [2017-09-17]
CHR Extension: (Pixlr Express) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2017-09-17]
CHR Extension: (Google Play Music) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2017-09-17]
CHR Extension: (The Weather Channel for Chrome) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2017-09-17]
CHR Extension: (Cycling the Alps) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihklobncbkangkiiamccfgnlihbmjhlh [2017-09-17]
CHR Extension: (Austin Marti Photography) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdndehbljljplchkfgmfepkncbcaobo [2017-09-17]
CHR Extension: (Until AM Web App) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2017-09-17]
CHR Extension: (Google Play) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2017-09-17]
CHR Extension: (Mapy Google) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-09-17]
CHR Extension: (ButtonBeats Guitar) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf [2017-09-17]
CHR Extension: (Onlive Clock) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\moddbcckaikhdnigidfcmaeelcobchpm [2017-09-17]
CHR Extension: (WGT Golf Game) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb [2017-09-17]
CHR Extension: (Google Input Tools) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig [2017-09-17]
CHR Extension: (Curling) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp [2017-09-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-17]
CHR Extension: (Hover Zoom) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2018-03-16]
CHR Extension: (WeVideo - Video Editor and Maker) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb [2017-09-17]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-23]
CHR Extension: (Google Publisher Toolbar) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc [2018-02-15]
CHR Extension: (Picasa) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2017-09-17]
CHR Extension: (Click&Clean App) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2018-03-16]
CHR Extension: (Psykopaint) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2017-09-17]
CHR Extension: (Evernote Web Clipper) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2018-01-23]
CHR Extension: (Gmail) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-17]
CHR Extension: (Chrome Media Router) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-15]
CHR Extension: (Projecturf) - C:\Users\Roman Janas\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfblbfhlabmoeeapniingkgbpaakicf [2017-09-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2836296 2016-12-14] (ESET)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 MBAMService; C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMSERVICE.EXE [6234056 2017-11-01] (Malwarebytes)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] ()
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3292416 2017-03-16] (Crawler Group, LLC)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (IDT, Inc.)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28672 2013-10-17] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5878272 2016-11-14] (Broadcom Corporation) [File not signed]
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2205568 2017-05-31] (Sony)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-11-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-11-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-11-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-14] (AVAST Software)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132272 2016-12-13] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180544 2016-12-13] (ESET)
R1 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [70960 2016-12-13] (ESET)
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [380672 2014-09-30] (Huawei Technologies Co., Ltd.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-03-17] (Malwarebytes)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows (R) Win 7 DDK provider)
R2 WinDivert1.2; C:\Windows\system32\drivers\WinDivert64.sys [37552 2017-08-25] (Basil)
S3 cpuz130; \??\C:\Users\ROMANJ~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X] <==== ATTENTION
S3 X6va064; \??\C:\Windows\SysWOW64\Drivers\X6va064 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-17 18:14 - 2018-03-17 18:16 - 000028845 _____ C:\Users\Roman Janas\Desktop\FRST.txt
2018-03-17 18:13 - 2018-03-17 18:13 - 000015327 _____ C:\Users\Roman Janas\Desktop\LM.bat
2018-03-17 12:45 - 2018-03-17 12:53 - 000000000 ____D C:\AdwCleaner
2018-03-17 12:43 - 2018-03-17 12:43 - 008222496 _____ (Malwarebytes) C:\Users\Roman Janas\Desktop\adwcleaner_7.0.8.0.exe
2018-03-17 11:29 - 2018-03-17 17:23 - 000082698 _____ C:\Users\Roman Janas\Desktop\FRST3.txt
2018-03-17 11:19 - 2018-03-17 11:19 - 000112640 _____ (forum.viry.cz) C:\Users\Roman Janas\Downloads\FRSTLauncher.exe
2018-03-17 11:18 - 2018-03-17 18:14 - 000000000 ____D C:\FRST
2018-03-17 11:18 - 2018-03-17 11:18 - 002403328 _____ (Farbar) C:\Users\Roman Janas\Desktop\FRST64.exe
2018-03-17 10:43 - 2018-03-17 10:43 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2018-03-17 10:43 - 2018-03-17 10:43 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2018-03-17 10:42 - 2018-03-17 10:48 - 000000000 ____D C:\ProgramData\SystemExplorer
2018-03-17 10:42 - 2018-03-17 10:42 - 000001086 _____ C:\Users\Public\Desktop\System Explorer.lnk
2018-03-17 10:42 - 2018-03-17 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2018-03-17 10:42 - 2018-03-17 10:42 - 000000000 ____D C:\Program Files (x86)\System Explorer
2018-03-17 10:39 - 2018-03-17 10:39 - 009372136 _____ C:\Users\Roman Janas\Downloads\SystemExplorerSetup_700.exe
2018-03-17 10:25 - 2018-03-17 10:53 - 000007606 _____ C:\Users\Roman Janas\AppData\Local\resmon.resmoncfg
2018-03-16 19:37 - 2018-03-16 19:37 - 000004550 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-02 22:32 - 2018-03-17 17:10 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-03-02 22:32 - 2018-03-02 22:32 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-03-02 22:32 - 2018-03-02 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-02 22:31 - 2018-03-02 22:31 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2018-03-02 22:31 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-02-24 20:02 - 2018-02-24 20:30 - 1714255872 _____ C:\Users\Roman Janas\Downloads\Putovani s Dinosaury (2013) CZ+SK Dabing - Moviestyl.avi
2018-02-24 20:02 - 2018-02-24 20:21 - 1158924288 _____ C:\Users\Roman Janas\Downloads\Capitan-America---Návrat-prvého-Avengera-cz-dabing (1).avi
2018-02-24 17:56 - 2018-02-24 20:54 - 1705556778 _____ C:\Users\Roman Janas\Downloads\Capitan America 1-Prvni Avenger (2011).avi
2018-02-21 21:43 - 2018-02-21 21:44 - 068685248 _____ C:\Users\Roman Janas\Downloads\Intel_multi-device_A13_R171131.exe
2018-02-21 21:43 - 2018-02-21 21:44 - 008345792 _____ C:\Users\Roman Janas\Downloads\R171789.exe
2018-02-17 22:20 - 2018-02-17 22:23 - 000000000 ____D C:\Users\Roman Janas\Desktop\Lucinka 18
2018-02-16 16:33 - 2018-02-16 16:48 - 1784640462 _____ C:\Users\Roman Janas\Downloads\Bitva o Sevastopol _ Nezlomná _ Битва за Севастополь _ Незламна _ Battle for Sevastopol 2015, CZ.mkv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-17 17:24 - 2016-11-20 00:21 - 000000000 ____D C:\Users\Roman Janas\AppData\LocalLow\Mozilla
2018-03-17 17:18 - 2009-07-14 05:45 - 000018256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-17 17:18 - 2009-07-14 05:45 - 000018256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-17 17:10 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-17 12:32 - 2017-05-29 14:06 - 000000000 ____D C:\Users\Roman Janas\Downloads\vše
2018-03-17 10:43 - 2016-11-23 18:17 - 000000000 ____D C:\Users\Roman Janas\AppData\Roaming\Seznam.cz
2018-03-17 09:56 - 2017-08-16 05:11 - 000000000 ____D C:\Program Files (x86)\Steam
2018-03-17 09:53 - 2017-04-23 15:41 - 000000000 ____D C:\Windows\system32\appmgmt
2018-03-17 09:30 - 2017-02-26 08:44 - 000000000 ____D C:\Users\Roman Janas\Counter-Strike 1.6
2018-03-17 09:23 - 2016-11-26 19:04 - 000000000 ____D C:\Program Files (x86)\CorePack
2018-03-17 08:04 - 2016-11-19 09:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-03-17 08:04 - 2016-11-14 14:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-16 23:30 - 2017-06-03 22:00 - 000000000 ____D C:\Users\Roman Janas\AppData\Local\CrashDumps
2018-03-16 20:12 - 2017-09-17 20:46 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-16 20:12 - 2017-09-17 20:46 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-16 19:37 - 2016-11-14 16:05 - 000804352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-03-16 19:37 - 2016-11-14 16:05 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-16 19:37 - 2016-11-14 16:05 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-03-16 19:36 - 2016-11-14 16:05 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-03-16 19:36 - 2016-11-14 16:05 - 000000000 ____D C:\Windows\system32\Macromed
2018-03-02 21:50 - 2016-11-18 23:09 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-25 09:09 - 2016-11-18 23:08 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-24 17:53 - 2009-07-14 16:18 - 000668792 _____ C:\Windows\system32\perfh005.dat
2018-02-24 17:53 - 2009-07-14 16:18 - 000141420 _____ C:\Windows\system32\perfc005.dat
2018-02-24 17:53 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-24 17:53 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-02-24 17:18 - 2009-07-14 06:08 - 000032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-02-21 21:37 - 2017-04-16 05:12 - 000000000 ____D C:\ProgramData\Spyware Terminator

==================== Files in the root of some directories =======

2016-12-22 16:46 - 2017-03-16 21:44 - 000009216 _____ () C:\Users\Roman Janas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-25 12:04 - 2017-08-25 12:04 - 000140800 _____ () C:\Users\Roman Janas\AppData\Local\installer.dat
2017-06-13 18:14 - 2017-06-13 18:31 - 049979264 _____ (Sony) C:\Users\Roman Janas\AppData\Local\pcc.exe
2018-03-17 10:25 - 2018-03-17 10:53 - 000007606 _____ () C:\Users\Roman Janas\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-24 13:07

==================== End of FRST.txt ============================

Re: Prosím o kontrolu logu

Napsal: 17 bře 2018 18:55
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {02a7555e-aa6e-11e6-9df0-70f395cc9f9f} - G:\AutoRun.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {02a7556c-aa6e-11e6-9df0-70f395cc9f9f} - H:\AutoRun.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {21656a8e-b3f6-11e6-be46-70f395cc9f9f} - G:\SETUP.EXE
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {364afc2f-27e4-11e7-b625-70f395cc9f9f} - H:\startme.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {7a185352-34bc-11e7-afaf-806e6f6e6963} - H:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {937affd2-a057-11e7-81f4-806e6f6e6963} - H:\AutoRun.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 X6va064; \??\C:\Windows\SysWOW64\Drivers\X6va064 [X]
C:\Users\Roman Janas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {D13FCAB9-68CF-4458-BE58-118F8FD04C73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: {FF4E2E25-9E9B-4B70-BADE-6E44DADEF849} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o kontrolu logu

Napsal: 17 bře 2018 19:24
od Roman78
LastRegBack: 2018-02-24 13:07

==================== End of FRST.txt ============================








a







Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Roman Janas (17-03-2018 19:18:19)
Running from C:\Users\ROMAN JANAS\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-11-13 22:43:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3828099873-3605611314-608352903-500 - Administrator - Disabled)
Guest (S-1-5-21-3828099873-3605611314-608352903-501 - Limited - Disabled)
Roman Janas (S-1-5-21-3828099873-3605611314-608352903-1000 - Administrator - Enabled) => C:\Users\Roman Janas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 10.0.390.0 (Enabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus 10.0.390.0 (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark03 (HKLM-x32\...\{FF35F637-72B9-43BE-A281-06EB2854393A}) (Version: 3.6.2 - Futuremark Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
American Conquest (HKLM-x32\...\American Conquest) (Version: - )
Apowersoft Online Launcher verze 1.6.1 (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.6.1 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.149 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.149 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
CoD 2 čeština (HKLM-x32\...\CoD 2 čeština_is1) (Version: - #'Pan[S]al!er!)
Counter-Strike 1.6 (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\Counter-Strike 1.6) (Version: - )
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DjVu Viewer (HKLM-x32\...\{3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1) (Version: - djvuviewer.com)
Document Express DjVu Plug-in (HKLM\...\{63D38589-F9D9-4851-A37F-E142A8D14A32}) (Version: 6.1.35472 - Cuminas Corporation)
Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - )
ESET NOD32 Antivirus (HKLM\...\{D44F6B96-987A-47FF-AC37-4C82CD9DAE15}) (Version: 10.0.386.1 - ESET, spol. s r.o.)
Facebook Gameroom 1.8.6429.23271 (HKLM-x32\...\{D71E0CAE-F4B3-499E-B515-396B02139A39}) (Version: 1.8.6429.23271 - Facebook)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.1.1115 - Foxit Software Inc.)
Free MP3 Recorder 1.0 (HKLM-x32\...\{AE84E7FF-4DEC-48EC-BBA9-9A808E48DF8E}_is1) (Version: 1.0 - WordAddin Studio)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.162 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HL-2130 (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
HP Battery Check (HKLM-x32\...\HP Battery Check) (Version: 4.3.2.2 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{B1FE3DA1-15C1-4AEB-85A6-883F8C4AFD42}) (Version: 2.0.2.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{7C3170E8-E61A-41D9-8547-8E96445EA510}) (Version: 12.8.47.1 - HP Inc.)
HP Webcam (HKLM-x32\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.26.3 - Roxio)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.3268 - Intel Corporation)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0 (x64 en-US)) (Version: 60.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.0.6648 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{6D45EF03-E8EE-4355-81C3-F918CBCF1029}) (Version: 8.3.309 - Nero AG)
Nero 9 Essentials (HKLM-x32\...\{6c2cf816-e4bb-4610-87b9-856901d3e81b}) (Version: - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{59C6E86A-14A9-47FD-9EE8-8D9DA864E0AF}) (Version: 12.5.01300 - Nero AG)
NeroVision Express 3 (HKLM-x32\...\NeroVision!UninstallKey) (Version: - )
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Roblox Player for Roman Janas (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
ROBLOX Studio for Roman Janas (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Ruská - rozložení jako latinka (1.1.1) (HKLM\...\{99CD43A2-7D5D-48C9-AF37-D42202648235}) (Version: 1.0.3.40 - Đonny)
SCR3xxx Smart Card Reader (HKLM-x32\...\{6DA99C69-0799-467E-9496-F37E1E452A4A}) (Version: 8.40 - SCM Microsystems)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\SeznamInstall) (Version: 2.1.30 - Seznam.cz)
Služba Xperia Companion (HKLM\...\{86C9336F-6376-4E86-A09A-EA7177DEC3D5}) (Version: 1.7.2.0 - Sony) Hidden
Sothink FLV Player (HKLM-x32\...\{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1) (Version: 2.3 - SourceTec Software Co., LTD)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.1.112 - Crawler Group)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streaming Audio Recorder V4.1.8 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.1.8 - APOWERSOFT LIMITED)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
Unity Web Player (HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{058506CE-4E1C-4087-878E-61D8B5F8F47A}) (Version: 1.7.2.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{65415473-2761-4ee3-85c1-5fdf086444c6}) (Version: 1.7.2.0 - Sony)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1704.2.22 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG)
ContextMenuHandlers1-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers1-x32: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers1-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-11-06] (Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-12-14] (ESET)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [STShellMenu] -> {F32C83B9-DF1D-42AD-9741-C52909703957} => C:\Program Files (x86)\Spyware Terminator\STShell64.dll [2017-03-16] (Crawler Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02C34753-094D-45C5-B82A-1231BD30BE2A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {0EC8968F-2476-4D90-82C5-565B8E0E7EC9} - System32\Tasks\{7EA5EC10-EEFB-4000-87DD-9778FBCEF30C} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\Call of Duty 2 CZ\Call of Duty 2 CZ\DirectX\dxsetup.exe" -d "C:\Users\Roman Janas\Downloads\Call of Duty 2 CZ\Call of Duty 2 CZ\DirectX"
Task: {2A58DC17-19EC-4FB3-A407-00BAB1B84702} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {45E133AD-F3D6-4724-9B2A-E0FB074C5B22} - System32\Tasks\{3F6A2BFC-3047-4CF3-89BC-A29E1652FB8B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\sp62061.exe" -d "C:\Users\Roman Janas\Downloads"
Task: {4C7501B3-EDB2-4AC2-A669-FFAB5E70930D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5098A890-9F05-4F8F-B3FC-7AAB3654857C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {529AC17D-2297-40E3-91DC-8596953083FA} - System32\Tasks\{FC01EA8F-F8E7-4543-B09F-1144EF6FE8A2} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1\American Conquest CZ 1.1.exe" -d "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1"
Task: {591977A4-F903-4B01-99CD-AE20DD52943C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2018-02-10] (AVAST Software)
Task: {5BFA3B3F-EFFC-4245-B006-FF3B2194F62F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {7E0EDAC2-BCE8-4D84-A6AE-EFC3B937B228} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {8B026742-D86A-4B93-B241-D6E11AEACF08} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {912B34B5-D34C-439C-9972-B69CFA2FD199} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {9B2246EA-2BFE-4414-819D-64C57E6855BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {B8282474-E1BA-46B8-B6BF-35E58F8B83E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {BDAAB309-8685-4637-8740-F3DCBCD762D6} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3828099873-3605611314-608352903-1000 => C:\Users\Roman Janas\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {C1E4FA27-9505-441F-90DB-4CA61A97D864} - System32\Tasks\{0F98F8EB-2B09-460D-938F-56E7ADA6B423} => C:\Windows\system32\pcalua.exe -a "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1\Extractor.exe" -d "C:\Users\Roman Janas\Downloads\americanconquest_czv11\American Conquest CZ 1.1"
Task: {F63DA266-AD03-446F-8650-BB47EE2AB5D4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-16] (Adobe Systems Incorporated)
Task: {F97C00F0-D83F-4ACC-8744-F0FB4A745340} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-03-16 15:08 - 2017-03-16 15:08 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-16 15:08 - 2017-03-16 15:08 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-15 04:42 - 2014-01-15 04:42 - 000351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-11-14 14:38 - 2013-10-26 10:45 - 000651856 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
2013-10-17 22:28 - 2013-10-17 22:28 - 000028672 _____ () C:\WINDOWS\SYSTEM32\VALWBFPOLICYSERVICE.EXE
2018-03-02 22:32 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 000094208 _____ () C:\WINDOWS\SYSTEM32\IccLibDll_x64.dll
2016-11-14 14:38 - 2013-08-31 06:44 - 002417152 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2016-11-14 14:38 - 2009-01-10 19:32 - 000011362 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2016-11-14 14:38 - 2009-06-23 03:42 - 000043008 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2016-11-14 14:38 - 2013-08-31 06:46 - 001148416 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2017-08-06 07:56 - 2014-05-13 11:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-08-06 07:56 - 2014-05-13 11:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-08-06 07:56 - 2014-05-13 11:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-08-06 07:56 - 2012-08-23 09:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-08-06 07:56 - 2012-04-03 16:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-11-14 18:30 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-10-18 22:58 - 2017-10-18 22:58 - 000570368 _____ () C:\Users\Roman Janas\AppData\Local\MEGAsync\ShellExtX32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3828099873-3605611314-608352903-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman Janas\Pictures\Picasa\Pozadí\picasabackground-003.bmp
DNS Servers: 185.67.189.2 - 185.67.189.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7DBA6CB1-0A17-409E-9034-8902FDB42699}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{46489C85-7D26-4805-B582-4E753CB23196}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{045568EF-4348-46CC-98BB-6CB9C82D28CB}C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe] => (Block) C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe
FirewallRules: [UDP Query User{7ECF431F-DD36-4892-AE2A-7B2852C2F5ED}C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe] => (Block) C:\users\roman janas\downloads\cossacks-3-v-1.0.4.46.3856\cossacks.3.v1.0.4.46.3856\cossacks.exe
FirewallRules: [TCP Query User{7823293F-855B-4782-BBED-33EFFDAE2C83}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{6483C747-616A-4E21-AD8D-F5E5FC1EB477}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{106AF63B-B002-4696-BC11-F9AE5A65AB78}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{64B321F8-DE8C-4A4C-867A-7F94C270ED25}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{5AB69803-682A-4966-8D85-F94EA5D2F3C4}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{4F083AD1-652A-4F2B-A3C1-5A4FEC36D9AA}] => (Allow) C:\WarThunder\run.exe
FirewallRules: [{7F6DF90E-EFA2-4E35-928D-7C6D0751711A}] => (Allow) LPort=80
FirewallRules: [{EFD269CF-104E-4C4D-8C54-7DA0646EBFE6}] => (Allow) LPort=443
FirewallRules: [{460D3937-BFD5-47B4-91A2-1AA48B5F2CB1}] => (Allow) LPort=20010
FirewallRules: [{1297A868-1975-490B-A628-015249D0CF56}] => (Allow) LPort=3478
FirewallRules: [{285005C4-B9CF-4621-A23E-D586F934058E}] => (Allow) LPort=7850
FirewallRules: [{5287D3D8-603F-4571-8442-2FC5FC236B21}] => (Allow) LPort=7852
FirewallRules: [{8467964D-96AD-4649-8CBD-7B3FE5AA54AE}] => (Allow) LPort=7853
FirewallRules: [{DA498C50-8BB5-4B9C-B184-45034BE50922}] => (Allow) LPort=27022
FirewallRules: [{F01CFDB2-44D3-478E-A95B-08873F89AF83}] => (Allow) LPort=6881
FirewallRules: [{6E9C0245-6DC0-4566-A1FE-7A5894A4AB23}] => (Allow) LPort=33333
FirewallRules: [{0E48C419-9AAF-4274-BAAD-4BF0C632EE36}] => (Allow) LPort=20443
FirewallRules: [{B319979B-47A8-44D3-9ACA-FE28F6D49250}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{D4B3546E-4393-4D0D-9C2F-5912F66EB92B}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{B3F8893B-4D34-4F48-82D9-35EDA24379F2}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{E5441FAF-F14F-4605-84DE-54F27D3FA171}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [UDP Query User{8CDA41D3-A187-47FD-91A9-680FF8D291A2}C:\warthunder\launcher.exe] => (Block) C:\warthunder\launcher.exe
FirewallRules: [TCP Query User{F8D6ECF2-2158-42B4-8C5C-F05812B77640}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Allow) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{199ECE93-372D-4BCF-9B7D-723AC005F861}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Allow) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [{4B95ECF2-3D34-4174-AA66-A999524AC735}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{2E55B530-C375-45BB-9D9B-5655774F0875}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{95489A16-8394-4B80-9E65-7D9AB5A99C30}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{446ED07F-2C24-43AC-A17A-2E97127B6558}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{9300D633-0B77-4383-A4CF-BA6EEBD99826}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A27FEED3-A574-4092-AB57-B384FE191354}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0CD1EC2B-1285-4CD6-8183-FB2F7ECF6905}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C0BAEAEA-58D9-44A7-925A-2DAB4F14EB3C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{094C1709-C1BE-4EF9-9233-62AF1954F60B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{E9EDB444-882C-4072-A1D5-FDFB9B50CF2B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{CF0C9139-0066-4D91-809B-3DF2D918E65B}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{4638E5C9-C851-4B88-B08E-E0A01809CB30}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Block) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{9BC50027-5531-498E-8ABF-175F346F87CA}C:\users\roman janas\counter-strike 1.6\hl.exe] => (Block) C:\users\roman janas\counter-strike 1.6\hl.exe
FirewallRules: [{4848FDCA-B426-4E6C-AADF-3D2560BA2839}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{8C9EB861-1322-4026-BBBF-CAA6C828F4EC}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{ABE6EC94-2FE3-46F4-8177-FB01E2F2C7B6}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{6B329426-C7AC-4353-9352-875310338CB5}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{3086C94F-A6A2-4F35-9241-DF4D2566429B}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [TCP Query User{ED87B26F-CE04-4465-A068-0696134F375A}C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [UDP Query User{D015BF35-04DB-4C7E-BB44-868FA83F70B3}C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\roman janas\appdata\local\temp\rar$exa0.348\hello.neighbor.alpha.1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe
FirewallRules: [{CE5F6A2C-23D6-4E33-BF18-FADDD756F855}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2C5CEB7B-9349-4B11-BC98-03C0E1933888}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{39C5558F-DA7E-43A7-8F9E-78D88FA53C3E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{732518DB-11B1-4AFE-B990-5FDF49F51E6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E0674AC1-ADE5-475C-BCB7-83192B7351E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Larva Mortus\larvamortus.exe
FirewallRules: [{E2343E49-7969-4D4A-AE2F-45700CEB28E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Larva Mortus\larvamortus.exe
FirewallRules: [{24FD85B3-567A-45DB-831F-685ABDAFB4E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7E81CBA5-B0A3-43EC-9BA5-AC539E0B4D17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CDE7D0BF-D022-43C8-9ACF-E2451F076ECF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

23-01-2018 17:19:26 Naplánovaný kontrolní bod
24-02-2018 13:14:56 Naplánovaný kontrolní bod
17-03-2018 09:24:17 Removed Call of Duty(R) 2
17-03-2018 09:50:59 Removed Medal of Honor Airborne Demo

==================== Faulty Device Manager Devices =============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2018 11:30:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SpywareTerminatorUpdate.exe, verze: 3.0.1.111, časové razítko: 0x58a4530a
Název chybujícího modulu: TorrentDll.dll, verze: 3.0.0.1, časové razítko: 0x4dbe5f67
Kód výjimky: 0xc0000417
Posun chyby: 0x00132780
ID chybujícího procesu: 0x1274
Čas spuštění chybující aplikace: 0x01d3bd5471ab8027
Cesta k chybující aplikaci: C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Spyware Terminator\TorrentDll.dll
ID zprávy: aa2060b6-2969-11e8-9646-70f395cc9f9f

Error: (02/24/2018 07:58:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EXPLORER.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdf25
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000003c967
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d3ada04ba9ff1b
Cesta k chybující aplikaci: C:\WINDOWS\EXPLORER.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\DUI70.dll
ID zprávy: c1de7427-1994-11e8-803e-70f395cc9f9f

Error: (02/24/2018 07:58:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EXPLORER.EXE, verze: 6.1.7601.23537, časové razítko: 0x57c44efe
Název chybujícího modulu: DUI70.dll, verze: 6.1.7600.16385, časové razítko: 0x4a5bdf25
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003c967
ID chybujícího procesu: 0xb4c
Čas spuštění chybující aplikace: 0x01d3ada04ba9ff1b
Cesta k chybující aplikaci: C:\WINDOWS\EXPLORER.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\DUI70.dll
ID zprávy: a2d3adfb-1994-11e8-803e-70f395cc9f9f

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8144

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8144

Error: (01/23/2018 08:26:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2018 08:26:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7114

Error: (01/23/2018 08:26:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7114


System errors:
=============
Error: (03/17/2018 07:08:17 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Služba WMPNetworkSvc nebyla spuštěna správně, protože u funkce CoCreateInstance (CLSID_UPnPDeviceFinder) došlo k chybě 0x80004005. Zkontrolujte, zda je spuštěná služba UPnPHost a zda je správně nainstalována součást systému Windows UPnPHost.

Error: (03/17/2018 07:08:07 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 07:08:01 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 07:07:46 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 07:07:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/17/2018 07:07:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (03/17/2018 07:07:24 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/17/2018 07:07:23 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.


CodeIntegrity:
===================================

Date: 2017-09-11 14:28:26.393
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-11 14:28:25.982
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-11 14:28:25.683
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:24.025
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:23.689
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-10 16:16:23.290
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-05 16:01:51.847
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

Date: 2017-09-05 16:01:51.455
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles\base_nonnups\nod4090.dll.nup.raw because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz
Percentage of memory in use: 47%
Total physical RAM: 3887.43 MB
Available physical RAM: 2042.54 MB
Total Virtual: 7773.04 MB
Available Virtual: 5371.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.47 GB) (Free:32.29 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:15 GB) (Free:14.93 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32

\\?\Volume{4f9b778f-a9f1-11e6-ada3-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AEDA26BE)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

Re: Prosím o kontrolu logu

Napsal: 17 bře 2018 20:13
od Rudy
Log Addition je k ničemu. Potřebuji vidět obsah souboru fixlog.txt.

Re: Prosím o kontrolu logu

Napsal: 18 bře 2018 18:39
od Roman78
Snad je to tento

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Roman Janas (17-03-2018 19:02:46) Run:1
Running from C:\Users\ROMAN JANAS\Desktop
Loaded Profiles: Roman Janas (Available Profiles: Roman Janas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {02a7555e-aa6e-11e6-9df0-70f395cc9f9f} - G:\AutoRun.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {02a7556c-aa6e-11e6-9df0-70f395cc9f9f} - H:\AutoRun.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {21656a8e-b3f6-11e6-be46-70f395cc9f9f} - G:\SETUP.EXE
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {364afc2f-27e4-11e7-b625-70f395cc9f9f} - H:\startme.exe
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {7a185352-34bc-11e7-afaf-806e6f6e6963} - H:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-3828099873-3605611314-608352903-1000\...\MountPoints2: {937affd2-a057-11e7-81f4-806e6f6e6963} - H:\AutoRun.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 X6va064; \??\C:\Windows\SysWOW64\Drivers\X6va064 [X]
C:\Users\Roman Janas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {D13FCAB9-68CF-4458-BE58-118F8FD04C73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)
Task: {FF4E2E25-9E9B-4B70-BADE-6E44DADEF849} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-17] (Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKU\S-1-5-21-3828099873-3605611314-608352903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02a7555e-aa6e-11e6-9df0-70f395cc9f9f}" => removed successfully
HKLM\Software\Classes\CLSID\{02a7555e-aa6e-11e6-9df0-70f395cc9f9f} => not found
"HKU\S-1-5-21-3828099873-3605611314-608352903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02a7556c-aa6e-11e6-9df0-70f395cc9f9f}" => removed successfully
HKLM\Software\Classes\CLSID\{02a7556c-aa6e-11e6-9df0-70f395cc9f9f} => not found
"HKU\S-1-5-21-3828099873-3605611314-608352903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21656a8e-b3f6-11e6-be46-70f395cc9f9f}" => removed successfully
HKLM\Software\Classes\CLSID\{21656a8e-b3f6-11e6-be46-70f395cc9f9f} => not found
"HKU\S-1-5-21-3828099873-3605611314-608352903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{364afc2f-27e4-11e7-b625-70f395cc9f9f}" => removed successfully
HKLM\Software\Classes\CLSID\{364afc2f-27e4-11e7-b625-70f395cc9f9f} => not found
"HKU\S-1-5-21-3828099873-3605611314-608352903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a185352-34bc-11e7-afaf-806e6f6e6963}" => removed successfully
HKLM\Software\Classes\CLSID\{7a185352-34bc-11e7-afaf-806e6f6e6963} => not found
"HKU\S-1-5-21-3828099873-3605611314-608352903-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{937affd2-a057-11e7-81f4-806e6f6e6963}" => removed successfully
HKLM\Software\Classes\CLSID\{937affd2-a057-11e7-81f4-806e6f6e6963} => not found
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\System\CurrentControlSet\Services\X6va064" => removed successfully
X6va064 => service removed successfully
C:\Users\Roman Janas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D13FCAB9-68CF-4458-BE58-118F8FD04C73}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D13FCAB9-68CF-4458-BE58-118F8FD04C73}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF4E2E25-9E9B-4B70-BADE-6E44DADEF849}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF4E2E25-9E9B-4B70-BADE-6E44DADEF849}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 52489208 B
Java, Flash, Steam htmlcache => 19312219 B
Windows/system/drivers => 2151370 B
Edge => 0 B
Chrome => 266747752 B
Firefox => 426959549 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58558540 B
systemprofile32 => 66228 B
LocalService => 66228 B
NetworkService => 66228 B
Roman Janas => 247446417 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:05:43 ====

Re: Prosím o kontrolu logu

Napsal: 18 bře 2018 19:08
od Rudy
Smazáno. Nastala nějaká změna?

Re: Prosím o kontrolu logu

Napsal: 18 bře 2018 19:17
od Roman78
¨Paměť se drží na nějakých 73 procentech. Už nedochází k nějakému viditelnému zamrzání a hlavně se už nespouští hlučně ventilátor. Vypadá to dobře. Moc děkuji.

Re: Prosím o kontrolu logu

Napsal: 18 bře 2018 19:20
od Rudy
To jsem rád. Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz