﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Anetka (2015-09-02 17:46:46)
Running from C:\Users\Anetka\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1818996410-246096817-3522660448-500 - Administrator - Disabled)
Anetka (S-1-5-21-1818996410-246096817-3522660448-1001 - Administrator - Enabled) => C:\Users\Anetka
DefaultAccount (S-1-5-21-1818996410-246096817-3522660448-503 - Limited - Disabled)
Guest (S-1-5-21-1818996410-246096817-3522660448-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Aktualizace NVIDIA 2.5.14.5 (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0038 - ASUS)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
firstobject XML Editor version 2.4.2 (HKLM-x32\...\firstobject XML Editor_is1) (Version:  - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel(R) Driver Update Utility 2.2 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - Sega)
Medieval II Total War Kingdoms (HKLM-x32\...\{CE244E07-B58F-4140-806F-34FB0CDDE8CA}) (Version: 1.05.0000 - Sega)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x86) - 14.0.22816 (HKLM-x32\...\{714692fa-709b-4925-8170-821d51135f42}) (Version: 14.0.22816.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 cs)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 355.82 (Version: 355.82 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1818996410-246096817-3522660448-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1818996410-246096817-3522660448-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Anetka\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1818996410-246096817-3522660448-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Anetka\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1818996410-246096817-3522660448-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Anetka\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1818996410-246096817-3522660448-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Anetka\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1818996410-246096817-3522660448-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Anetka\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1818996410-246096817-3522660448-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Anetka\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1818996410-246096817-3522660448-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Anetka\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1818996410-246096817-3522660448-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Anetka\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1818996410-246096817-3522660448-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Anetka\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1818996410-246096817-3522660448-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Anetka\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

02-09-2015 11:39:31 Instalováno Medieval II Total War

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-04-25 05:37 - 2015-04-25 05:29 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08B9A583-8FC1-4ECA-A85D-BFE2755A3D18} - System32\Tasks\GoogleUpdateTaskMachineCore1d09f16801074a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-17] (Google Inc.)
Task: {0F1D39F0-76BB-4959-9ED5-528140446E9E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-07-14] (Microsoft Corporation)
Task: {10BB2EE2-5C81-4033-9389-B17835BA0537} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-08-23] (Microsoft Corporation)
Task: {10C17E36-0644-4CC6-BD74-E55396833B39} - System32\Tasks\{722BEC03-E87C-40BF-818A-1C8EBE635092} => Chrome.exe http://ui.skype.com/ui/0/7.6.0.105/cs/abandoninstall?page=tsProgressBar
Task: {149C1713-57E9-4414-AC58-710C1351AC39} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-08-23] (Microsoft Corporation)
Task: {2E44B94C-1B2A-467D-A649-0608BA06B734} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-08-23] (Microsoft Corporation)
Task: {2F184A95-B1FD-432C-942C-C9A261E55AA8} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-17] (Adobe Systems Incorporated)
Task: {36EBB740-80D3-471D-BB9B-C0267E352DEC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {37ECF080-6385-4452-AEE2-2EF2A6D0C38E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {39237538-E247-4C12-8172-8AC7B0450165} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {4537D848-0AB6-4E4D-92F2-A85FF507B8AB} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-08-23] (Microsoft Corporation)
Task: {4A8924B2-F16F-41BE-A81F-A23852BC434B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {4CCF0449-1E21-479D-8EB0-24FBF3D2F62D} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {51C8EE5D-5EF8-4C79-8DC4-9F70B8E8CD21} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {55D7E0D8-8915-40BB-BA73-A97BCCAD21F7} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-23] (Microsoft Corporation)
Task: {57D68335-3315-4F0E-AE1F-AB94CF1A99C3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {6AC985C2-1259-4721-9CF9-7836FEB63C68} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-08-23] (Microsoft Corporation)
Task: {82B68E5D-FE3D-468C-868E-C10A19D8DE0F} - \SpeechRuntimeTask -> No File <==== ATTENTION
Task: {833672DA-2BA3-4627-94BB-685B5855B072} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {871FABAF-9CE5-473C-B329-89F177AE81CF} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-08-23] (Microsoft Corporation)
Task: {8C928627-E2FF-4651-AD41-02766B389C72} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {9137DB14-5C2B-4D3B-979A-4753D81D9BD0} - System32\Tasks\Cartoonify => c:\programdata\{e77b615f-9cb5-63da-e77b-b615f9cb857e}\download.exe-1437082734335.exe <==== ATTENTION
Task: {BF0B80DD-7E19-4397-983B-5CB98C22C2D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {C78222F2-8683-4CAD-8F3D-DEECDF6293AC} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {D0657F9E-1846-415F-9386-CB474D816148} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-08-23] (Microsoft Corporation)
Task: {D97EC277-D959-479D-92BB-721E934D7287} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-17] (Google Inc.)
Task: {DA44384C-0FD0-4118-8E47-ED9213D2F3AE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {DE708FEF-FCC1-4E0B-9593-4F664FD9BFFA} - System32\Tasks\AdobeAAMUpdater-1.0-WIN-5LKS7F1KP3T-Anetka => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {DEB059CA-FF15-436D-B1BB-6C1F53EC13D9} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-05] (Realtek Semiconductor)
Task: {E6197990-C5EB-4CB4-9B61-F090647320B7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {EA716CB3-0161-4FBC-A22A-BA30B554C884} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {F1EB365C-FB95-4339-8D3E-677CEAAAD6FA} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Cartoonify.job => c:\programdata\{e77b615f-9cb5-63da-e77b-b615f9cb857e}\download.exe-1437082734335.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d09f16801074a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-05 00:38 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-08-23 06:54 - 2015-08-23 06:54 - 02574840 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-23 06:54 - 2015-08-23 06:54 - 02574840 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-23 06:52 - 2015-08-23 06:52 - 00431104 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-23 06:57 - 2015-08-23 11:40 - 06369792 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-08-23 06:57 - 2015-08-23 11:40 - 00551424 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-23 06:57 - 2015-08-23 11:40 - 02482688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-13 21:49 - 2015-06-13 21:49 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-07-17 19:34 - 2015-07-17 19:34 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-09-02 17:36 - 2015-08-25 17:57 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1818996410-246096817-3522660448-1001\Control Panel\Desktop\\Wallpaper -> I:\Tomáš\Obrázky\Transformers\Autoboti\Optimus a Grimlock.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-1818996410-246096817-3522660448-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [UDP Query User{549824CC-165D-49A4-9F55-1764DEC93B83}C:\users\anetka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\anetka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{D09912DA-5543-441B-A5A4-4849B0137ABC}C:\users\anetka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\anetka\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{699986C3-C8D8-4A25-9E3C-968A1F7EDCBF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E8A0F02E-1C3C-4A8C-83B2-B50D112F97A5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{B21D4E6A-8F15-4F82-87CB-15C09BEE63A8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A361FED4-CDB2-4F5A-A901-BBBB57A74188}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{605990F8-9DCA-49EC-873D-119DD55F23E7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{890F8184-F230-4C17-8C29-E9B44AA6A758}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{4367DE16-E5D7-4589-B369-D4DBE8AA5CBD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C22097BC-21DD-4678-B45C-7DA141552A6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{96846D02-5D07-410C-8D52-F0F7ABA5D444}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E00CB7F2-C007-4319-BBF4-EF981B2EAB4E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AA3F16B0-9C0D-46E0-AD56-2C75D2BEED91}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{66AC6F5D-0850-4484-BE34-2CB0F665E4AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{65C9F66F-3B57-442B-AB91-8A7D14CE079D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EA46067B-9707-4479-B0EC-723B85B68C07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DCA80706-6B70-4B7A-80B6-7B6D0426B54D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5B2AABC4-06AF-4052-A933-E4F80FB47DE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/02/2015 05:37:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WIN-5LKS7F1KP3T)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/02/2015 05:37:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HxTsr.exe verze 16.0.6131.4200 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1604

Čas spuštění: 01d0e5953334e109

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6131.42001.0_x64__8wekyb3d8bbwe\HxTsr.exe

ID hlášení: 814babba-5188-11e5-8088-c860004fd19d

Úplný název balíčku s chybou: microsoft.windowscommunicationsapps_17.6131.42001.0_x64__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/02/2015 05:35:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WIN-5LKS7F1KP3T)
Description: Aplikaci Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/02/2015 05:35:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WIN-5LKS7F1KP3T)
Description: Aplikaci Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/02/2015 05:31:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LogonUI.exe, verze: 10.0.10532.0, časové razítko: 0x55d90bcb
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10532.0, časové razítko: 0x55d90b27
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000517b1c
ID chybujícího procesu: 0x5a4
Čas spuštění chybující aplikace: 0xLogonUI.exe0
Cesta k chybující aplikaci: LogonUI.exe1
Cesta k chybujícímu modulu: LogonUI.exe2
ID zprávy: LogonUI.exe3
Úplný název chybujícího balíčku: LogonUI.exe4
ID aplikace související s chybujícím balíčkem: LogonUI.exe5

Error: (09/02/2015 05:31:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LogonUI.exe, verze: 10.0.10532.0, časové razítko: 0x55d90bcb
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10532.0, časové razítko: 0x55d90b27
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000517b1c
ID chybujícího procesu: 0xa58
Čas spuštění chybující aplikace: 0xLogonUI.exe0
Cesta k chybující aplikaci: LogonUI.exe1
Cesta k chybujícímu modulu: LogonUI.exe2
ID zprávy: LogonUI.exe3
Úplný název chybujícího balíčku: LogonUI.exe4
ID aplikace související s chybujícím balíčkem: LogonUI.exe5

Error: (09/02/2015 05:31:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LogonUI.exe, verze: 10.0.10532.0, časové razítko: 0x55d90bcb
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10532.0, časové razítko: 0x55d90b27
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000517b1c
ID chybujícího procesu: 0x1528
Čas spuštění chybující aplikace: 0xLogonUI.exe0
Cesta k chybující aplikaci: LogonUI.exe1
Cesta k chybujícímu modulu: LogonUI.exe2
ID zprávy: LogonUI.exe3
Úplný název chybujícího balíčku: LogonUI.exe4
ID aplikace související s chybujícím balíčkem: LogonUI.exe5

Error: (09/02/2015 05:31:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LogonUI.exe, verze: 10.0.10532.0, časové razítko: 0x55d90bcb
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10532.0, časové razítko: 0x55d90b27
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000517b1c
ID chybujícího procesu: 0x1584
Čas spuštění chybující aplikace: 0xLogonUI.exe0
Cesta k chybující aplikaci: LogonUI.exe1
Cesta k chybujícímu modulu: LogonUI.exe2
ID zprávy: LogonUI.exe3
Úplný název chybujícího balíčku: LogonUI.exe4
ID aplikace související s chybujícím balíčkem: LogonUI.exe5

Error: (09/02/2015 05:06:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setup.exe_NVIDIA Install Application, verze: 2.1002.186.1591, časové razítko: 0x55dc6d75
Název chybujícího modulu: NVI2.DLL, verze: 2.1002.186.1591, časové razítko: 0x55dc6e5e
Kód výjimky: 0x40000015
Posun chyby: 0x0012af74
ID chybujícího procesu: 0x15d0
Čas spuštění chybující aplikace: 0xsetup.exe_NVIDIA Install Application0
Cesta k chybující aplikaci: setup.exe_NVIDIA Install Application1
Cesta k chybujícímu modulu: setup.exe_NVIDIA Install Application2
ID zprávy: setup.exe_NVIDIA Install Application3
Úplný název chybujícího balíčku: setup.exe_NVIDIA Install Application4
ID aplikace související s chybujícím balíčkem: setup.exe_NVIDIA Install Application5

Error: (09/02/2015 05:05:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GFExperience.exe, verze: 2.5.14.5, časové razítko: 0x55de588f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x540
Čas spuštění chybující aplikace: 0xGFExperience.exe0
Cesta k chybující aplikaci: GFExperience.exe1
Cesta k chybujícímu modulu: GFExperience.exe2
ID zprávy: GFExperience.exe3
Úplný název chybujícího balíčku: GFExperience.exe4
ID aplikace související s chybujícím balíčkem: GFExperience.exe5


System errors:
=============
Error: (09/02/2015 05:40:01 PM) (Source: DCOM) (EventID: 10016) (User: WIN-5LKS7F1KP3T)
Description: výchozí pro počítačMístníAktivace{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}WIN-5LKS7F1KP3TAnetkaS-1-5-21-1818996410-246096817-3522660448-1001LocalHost (pomocí LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10532.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795

Error: (09/02/2015 05:37:25 PM) (Source: DCOM) (EventID: 10010) (User: WIN-5LKS7F1KP3T)
Description: microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca

Error: (09/02/2015 05:32:08 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (09/02/2015 05:31:26 PM) (Source: DCOM) (EventID: 10010) (User: WIN-5LKS7F1KP3T)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (09/02/2015 05:31:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/02/2015 05:31:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/02/2015 05:31:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/02/2015 05:31:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/02/2015 05:29:26 PM) (Source: DCOM) (EventID: 10016) (User: WIN-5LKS7F1KP3T)
Description: výchozí pro počítačMístníAktivace{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}WIN-5LKS7F1KP3TAnetkaS-1-5-21-1818996410-246096817-3522660448-1001LocalHost (pomocí LRPC)Microsoft.Windows.Cortana_1.5.0.140_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (09/02/2015 05:29:26 PM) (Source: DCOM) (EventID: 10016) (User: WIN-5LKS7F1KP3T)
Description: výchozí pro počítačMístníAktivace{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}WIN-5LKS7F1KP3TAnetkaS-1-5-21-1818996410-246096817-3522660448-1001LocalHost (pomocí LRPC)Microsoft.Windows.Cortana_1.5.0.140_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


Microsoft Office:
=========================
Error: (09/02/2015 05:37:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WIN-5LKS7F1KP3T)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142

Error: (09/02/2015 05:37:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: HxTsr.exe16.0.6131.4200160401d0e5953334e1094294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6131.42001.0_x64__8wekyb3d8bbwe\HxTsr.exe814babba-5188-11e5-8088-c860004fd19dmicrosoft.windowscommunicationsapps_17.6131.42001.0_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (09/02/2015 05:35:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WIN-5LKS7F1KP3T)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub-2147023170

Error: (09/02/2015 05:35:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WIN-5LKS7F1KP3T)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub-2147023170

Error: (09/02/2015 05:31:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe10.0.10532.055d90bcbWindows.UI.Xaml.dll10.0.10532.055d90b27c000027b0000000000517b1c5a401d0e59470b49274C:\WINDOWS\system32\LogonUI.exeC:\Windows\System32\Windows.UI.Xaml.dllf45d04c6-6d7b-4ab2-a5ff-deef67cfdf92

Error: (09/02/2015 05:31:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe10.0.10532.055d90bcbWindows.UI.Xaml.dll10.0.10532.055d90b27c000027b0000000000517b1ca5801d0e594702ed2cbC:\WINDOWS\system32\LogonUI.exeC:\Windows\System32\Windows.UI.Xaml.dllee895c3f-9730-446d-95e8-73d9903c48f5

Error: (09/02/2015 05:31:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe10.0.10532.055d90bcbWindows.UI.Xaml.dll10.0.10532.055d90b27c000027b0000000000517b1c152801d0e5946f374312C:\WINDOWS\system32\LogonUI.exeC:\Windows\System32\Windows.UI.Xaml.dllb952b82f-6cb5-4070-bc45-aea07a374def

Error: (09/02/2015 05:31:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe10.0.10532.055d90bcbWindows.UI.Xaml.dll10.0.10532.055d90b27c000027b0000000000517b1c158401d0e5946a0ed106C:\WINDOWS\system32\LogonUI.exeC:\Windows\System32\Windows.UI.Xaml.dll71dd200b-fd6e-4687-97c2-244487e6dd2d

Error: (09/02/2015 05:06:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: setup.exe_NVIDIA Install Application2.1002.186.159155dc6d75NVI2.DLL2.1002.186.159155dc6e5e400000150012af7415d001d0e59065c03b79C:\Users\Anetka\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceWindows10Driver\setup.exeC:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{8F80555D-C94E-4952-8BFB-FFC43FF780CF}\NVI2.DLLd70cecf3-7ae3-41ab-8b1e-7cdc6ddb4b8d

Error: (09/02/2015 05:05:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GFExperience.exe2.5.14.555de588funknown0.0.0.000000000c00000050000000054001d0e58fd34ccd1cC:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exeunknownf7a06133-6674-40cb-be8f-a74ecafbf4ae


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz
Percentage of memory in use: 38%
Total physical RAM: 3872.05 MB
Available physical RAM: 2369.18 MB
Total Virtual: 4576.05 MB
Available Virtual: 3135.53 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:293.03 GB) (Free:211.33 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:380.61 GB) (Free:197.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: E3102A4B)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=380.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================