﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Paja (2016-03-06 10:48:19)
Running from C:\Users\Paja\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-10 13:20:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3655408085-2314531987-3534120068-500 - Administrator - Disabled)
Guest (S-1-5-21-3655408085-2314531987-3534120068-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3655408085-2314531987-3534120068-1003 - Limited - Enabled)
Paja (S-1-5-21-3655408085-2314531987-3534120068-1001 - Administrator - Enabled) => C:\Users\Paja
UpdatusUser (S-1-5-21-3655408085-2314531987-3534120068-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Advanced Language Practice CD-ROM (HKLM-x32\...\{5BF5D619-4D1D-4E2B-890D-DA0B6DFF8D4C}) (Version: 1.00.0000 - Macmillan)
Aktualizace NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
Anki (HKLM-x32\...\Anki) (Version:  - )
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
CollageIt 1.8.7 (HKLM-x32\...\{D9757258-30B2-496E-86F2-84920C5858E1}_is1) (Version:  - PearlMountain Technology Co., Ltd)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3655408085-2314531987-3534120068-1001\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
EaseUS Todo Backup Free 3.5 (HKLM-x32\...\EaseUS Todo Backup Free 3.5_is1) (Version: 3.5.0.1 - CHENGDU YIWO Tech Development Co., Ltd)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo)
Energy Management (x32 Version: 6.0.1.6 - Lenovo) Hidden
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
FileOpener (HKLM-x32\...\Tweaks FileOpener) (Version: 1.1.1 - Tweaks)
FileOpener Packages (HKU\S-1-5-21-3655408085-2314531987-3534120068-1001\...\FileOpener Packages) (Version:  - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HappyFoto - FOTO (HKLM-x32\...\{1BDB6CC3-DCAA-43F7-B693-CCC399646BDA}) (Version: 1.0.1 - HappyFoto GmbH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Japanese Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5760-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java(TM) 6 Update 38 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216034FF}) (Version: 6.0.380 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)
Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - ArcSoft)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo MuteSync (HKLM-x32\...\InstallShield_{C39EF9B4-0C4F-4D48-8665-8FD45BFF3961}) (Version: 1.0.0.3 - Lenovo)
Lenovo MuteSync (x32 Version: 1.0.0.3 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3603 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3603 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
LibreOffice 4.1.4.2 (HKLM-x32\...\{94E11973-ED58-47A0-907C-ABF6D95C5DD8}) (Version: 4.1.4.2 - The Document Foundation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 29.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 cs)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
NVIDIA Ovladače grafiky 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
OmegaT version 2.6.3_11 (HKLM-x32\...\OmegaT 2.6.3_11_is1) (Version:  - OmegaT)
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.8 - Lenovo)
Onekey Theater (x32 Version: 2.0.2.8 - Lenovo) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Ovládací panel NVIDIA 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhishWall Client (HKLM-x32\...\{E5BA1356-C9FD-4817-A4A1-3C49D8AACC0F}) (Version: 4.0.3 - SecureBrain Corporation)
PhishWall Client (x32 Version: 4.0.3 - SecureBrain Corporation) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7108 - CyberLink Corp.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
R for Windows 2.15.0 (HKLM\...\R for Windows 2.15.0_is1) (Version: 2.15.0 - R Development Core Team)
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
rajče průvodce verze 1.59.40.255 (HKLM-x32\...\rajče.net_is1) (Version:  - rajče.net)
rCIA part1 version 1.0 (HKLM-x32\...\{811E8DA5-A838-41DD-B235-DA0435C5E8AF}_is1) (Version: 1.0 - PwC)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6301 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.)
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1D00}) (Version: 12.29.0.197 - APN, LLC) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SRS Premium Sound Control Panel (HKLM\...\{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}) (Version: 1.11.0000 - SRS Labs, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.16.4 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
UserGuide (x32 Version: 1.0.0.6 - Lenovo) Hidden
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.0126 - Lenovo)
Video Converter (HKU\S-1-5-21-3655408085-2314531987-3534120068-1001\...\Video Converter) (Version:  - )
Windows Driver Package - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinHTTrack Website Copier 3.44-4 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.44.4 - HTTrack)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3655408085-2314531987-3534120068-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Paja\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3655408085-2314531987-3534120068-1001_Classes\CLSID\{08B3347F-ACAA-4A58-99C1-44E716440D1B}\InprocServer32 -> C:\Users\Paja\AppData\Local\Temp\{3ACCE5A8-7868-421D-844E-43E7DD3B9BA2}\Spencer.dll => No File
CustomCLSID: HKU\S-1-5-21-3655408085-2314531987-3534120068-1001_Classes\CLSID\{08B3347F-ACAA-4A58-99C1-44E716440D1C}\InprocServer32 -> C:\Users\Paja\AppData\Local\Temp\{3ACCE5A8-7868-421D-844E-43E7DD3B9BA2}\Spencer.dll => No File
CustomCLSID: HKU\S-1-5-21-3655408085-2314531987-3534120068-1001_Classes\CLSID\{08B3347F-ACAA-4A58-99C1-44E716440D1D}\InprocServer32 -> C:\Users\Paja\AppData\Local\Temp\{3ACCE5A8-7868-421D-844E-43E7DD3B9BA2}\Spencer.dll => No File
CustomCLSID: HKU\S-1-5-21-3655408085-2314531987-3534120068-1001_Classes\CLSID\{08B3347F-ACAA-4A58-99C1-44E716440D1F}\InprocServer32 -> C:\Users\Paja\AppData\Local\Temp\{3ACCE5A8-7868-421D-844E-43E7DD3B9BA2}\Spencer.dll => No File
CustomCLSID: HKU\S-1-5-21-3655408085-2314531987-3534120068-1001_Classes\CLSID\{08B3347F-ACAA-4A58-99C1-44E716440D20}\InprocServer32 -> C:\Users\Paja\AppData\Local\Temp\{3ACCE5A8-7868-421D-844E-43E7DD3B9BA2}\Spencer.dll => No File
CustomCLSID: HKU\S-1-5-21-3655408085-2314531987-3534120068-1001_Classes\CLSID\{08B3347F-ACAA-4A58-99C1-44E716440D21}\InprocServer32 -> C:\Users\Paja\AppData\Local\Temp\{3ACCE5A8-7868-421D-844E-43E7DD3B9BA2}\Spencer.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {45E3BDBD-8683-4CEA-B876-14569FA4AADB} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {6A8E5557-9661-4231-AEC3-077CBA138267} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-09] (AVAST Software)
Task: {6EFB2E95-F6AC-4DBE-927C-2C7957761557} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3655408085-2314531987-3534120068-1001Core => C:\Users\Paja\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {766C0B54-BC35-4F1D-B709-54A99AEEE1FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {7A456B70-2995-44E9-B532-D99F78326CDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {9C755D21-1AFA-41E5-8B67-2AAC358D4BAF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D3B26D06-087C-4D67-AD42-8D40801B7467} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-05] (CyberLink)
Task: {D8120D49-C2FC-4FDA-A936-100F2F47E23C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {DCEBD670-6643-42B6-816A-933633C7A9F8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-06] (AVAST Software)
Task: {E3D0CE41-19E3-4473-8565-2C08945BF27C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {F8E89662-5084-48D3-B648-352457ED5223} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3655408085-2314531987-3534120068-1001UA => C:\Users\Paja\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3655408085-2314531987-3534120068-1001Core.job => C:\Users\Paja\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3655408085-2314531987-3534120068-1001UA.job => C:\Users\Paja\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-01-28 14:18 - 2013-10-29 00:38 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-02-16 18:56 - 2011-02-16 18:56 - 00202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2011-02-16 19:01 - 2011-02-16 19:01 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2011-05-07 14:02 - 2011-05-07 14:02 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll
2011-05-07 13:47 - 2011-01-03 20:53 - 00258936 _____ () C:\Program Files (x86)\BisonCam\Monitor.exe
2008-12-20 04:20 - 2011-05-07 14:14 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2011-05-07 14:14 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2011-03-04 11:17 - 2011-01-27 01:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-07 13:59 - 2011-05-07 13:59 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2010-12-14 19:05 - 2010-12-14 19:05 - 00173856 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll
2015-10-09 16:00 - 2015-10-09 16:00 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-10-09 16:00 - 2015-10-09 16:00 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-06 09:50 - 2016-03-06 09:50 - 02838016 _____ () C:\Program Files\AVAST Software\Avast\defs\16030500\algo.dll
2012-02-20 13:29 - 2012-02-20 13:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 13:28 - 2012-02-20 13:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-12-10 21:59 - 2011-10-21 22:46 - 00051848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2011-12-10 21:59 - 2008-11-25 17:18 - 01291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2011-12-10 22:00 - 2004-10-05 03:08 - 00055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2011-12-10 21:59 - 2011-10-21 22:46 - 00074376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2011-12-10 21:59 - 2011-10-21 22:46 - 00243336 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2011-12-10 21:59 - 2011-10-21 22:46 - 00069768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2011-12-10 22:00 - 2011-10-21 22:46 - 00064648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2011-12-10 22:00 - 2011-10-21 22:46 - 00088712 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2011-02-16 18:51 - 2011-02-16 18:51 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2011-02-16 18:53 - 2011-02-16 18:53 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2015-03-24 11:39 - 2014-09-09 12:30 - 00603648 _____ () C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2011-05-07 14:02 - 2011-05-07 14:02 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2016-02-21 13:38 - 2016-01-12 19:44 - 00034768 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-21 13:37 - 2016-01-12 19:45 - 00019408 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-12 20:07 - 2016-01-12 19:44 - 00116688 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-21 13:38 - 2016-01-12 19:44 - 00093640 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-21 13:38 - 2016-01-12 19:44 - 00018376 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-21 13:38 - 2016-02-16 19:39 - 00019760 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-21 13:38 - 2016-01-12 19:46 - 00105928 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-12 20:07 - 2016-01-12 19:44 - 00392144 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-02-21 13:38 - 2016-02-16 19:39 - 00381752 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-21 13:38 - 2016-01-12 19:44 - 00692688 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-21 13:37 - 2016-02-16 19:38 - 00020816 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-02-21 13:38 - 2016-01-12 19:45 - 00112592 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-21 13:37 - 2016-02-16 19:38 - 01682760 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-21 13:37 - 2016-02-16 19:38 - 00020808 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-02-21 13:38 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-02-21 13:38 - 2016-02-16 19:39 - 00021840 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-21 13:37 - 2016-02-16 19:39 - 00038696 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-12 20:07 - 2016-01-12 19:46 - 00020936 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-21 13:38 - 2016-01-12 19:46 - 00024528 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-21 13:38 - 2016-01-12 19:47 - 00114640 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-21 13:38 - 2016-01-12 19:46 - 00124880 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-21 13:38 - 2016-02-16 19:39 - 00021832 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-02-21 13:38 - 2016-01-12 19:46 - 00024016 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-21 13:38 - 2016-01-12 19:46 - 00175560 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-02-21 13:38 - 2016-01-12 19:47 - 00030160 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-21 13:38 - 2016-01-12 19:47 - 00043472 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-21 13:38 - 2016-01-12 19:47 - 00028616 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-02-21 13:38 - 2016-01-12 19:47 - 00048592 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-21 13:37 - 2016-02-16 19:39 - 00026456 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-02-21 13:38 - 2016-01-12 19:46 - 00057808 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-21 13:38 - 2016-01-12 19:47 - 00024016 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-21 13:37 - 2016-02-16 19:38 - 00117056 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-12 20:07 - 2016-02-16 19:39 - 00024392 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-21 13:37 - 2016-01-12 19:47 - 00036296 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\librsync.dll
2016-02-21 13:38 - 2016-02-16 19:39 - 00023376 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-21 13:38 - 2016-01-12 19:44 - 00134608 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-12 20:07 - 2016-01-12 19:44 - 00134088 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-21 13:37 - 2016-01-12 19:45 - 00240584 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-12 20:07 - 2016-02-16 19:39 - 00052024 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-21 13:38 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-21 13:38 - 2016-02-16 19:39 - 00021824 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-21 13:38 - 2016-02-16 19:39 - 00019776 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-21 13:38 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-21 13:37 - 2016-02-16 19:38 - 00020280 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-02-21 13:38 - 2016-01-12 19:47 - 00350152 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-21 13:38 - 2016-02-16 19:39 - 00022352 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-21 13:37 - 2016-02-16 19:39 - 00084792 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-12 20:07 - 2016-02-16 19:39 - 01826096 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-21 13:38 - 2016-01-12 19:45 - 00083912 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-12 20:07 - 2016-02-16 19:39 - 03928880 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-12 20:07 - 2016-02-16 19:39 - 01971504 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-12 20:07 - 2016-02-16 19:39 - 00531248 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-12 20:07 - 2016-02-16 19:39 - 00132912 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-12 20:07 - 2016-02-16 19:39 - 00223544 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-12 20:07 - 2016-02-16 19:39 - 00207672 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-21 13:37 - 2016-02-16 19:39 - 00158008 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-21 13:37 - 2016-02-16 19:39 - 00042808 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-21 13:37 - 2016-01-12 19:49 - 00017864 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-21 13:37 - 2016-01-12 19:49 - 01631184 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-02-21 13:38 - 2016-02-16 19:39 - 00024904 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-12 20:07 - 2016-02-16 19:39 - 00546096 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-12 20:07 - 2016-02-16 19:39 - 00357680 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-02-21 13:38 - 2016-01-12 19:52 - 00697304 _____ () C:\Users\Paja\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-10-09 16:00 - 2015-10-09 16:00 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-02-21 13:50 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-21 13:50 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Paja\Desktop\20160103_200822.jpg:com.dropbox.attributes [211]
AlternateDataStreams: C:\Users\Paja\Desktop\20160103_201516.jpg:com.dropbox.attributes [416]
AlternateDataStreams: C:\Users\Paja\Desktop\Getting Started.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Paja\Desktop\NewDoc 6.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Paja\Desktop\NewDoc 7.pdf:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-05-01 08:05 - 00000035 ____A C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3655408085-2314531987-3534120068-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paja\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F5FBFFD8-0333-442E-8BB2-C8F7B37145D1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{9FF32CB9-654C-46EC-BAA1-187CA0E4F2B0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{7B254FFB-B2CB-454F-B61E-0EA64839B20D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1326D08F-CA6F-4D30-8EBF-6D766AC1FA40}] => (Allow) LPort=2869
FirewallRules: [{BE38FD13-DF2E-4C91-93DD-F50ACF9920A0}] => (Allow) LPort=1900
FirewallRules: [{48D940CD-9846-40C4-833A-ADE8FF0C3DB0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F8D56078-E703-43BA-8C80-C496AE4FF4BA}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{5523CA38-0C65-436E-A151-08F25E30266B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{71615069-E965-47D4-B253-F946FB8CBADF}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{35E6A0D6-7998-46F1-A438-921B4FAC5E28}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{5DE8996B-1B43-426A-927E-0187977468F4}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{E2A42D8C-A5FD-449C-9D27-0913CACEE4C6}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{C9638617-EEED-4652-A07F-504FBDCF6150}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{8BC377A7-B5F3-461A-A9A9-69F260240B21}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{DB348821-BFB2-4DEC-B932-F8D6DA17ACDC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{0385355C-FC28-4CEC-939F-7386B8B9F7E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9B83C316-D537-4081-B4A4-7DC9BCB4DC1B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A772C15D-AB3A-471A-A5AA-D75BEE3B3309}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{47D9C87C-627D-4C54-A332-6F8F995E9055}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{975C95C3-0325-42E7-A196-BF8E59F6212B}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{BA176421-A97B-4874-AD70-DB4BDBDB691F}] => (Allow) C:\Users\Paja\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A7C0323C-83E6-4A8B-AB94-C53C312F59B8}] => (Allow) C:\Users\Paja\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{889838CE-D300-4900-AA4F-4505F3C3DEDD}C:\users\paja\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\paja\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DD98E5A6-FCCD-4D0F-B9B4-22CD427AAAAB}C:\users\paja\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\paja\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{75EC3464-E8D3-4DD8-AD4D-C1F3308DDF55}] => (Allow) C:\Users\Paja\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{469DACF5-F1F4-4C56-AAB9-4D8B8FBBC9E7}] => (Allow) C:\Users\Paja\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{186DA353-2187-476A-BD7C-3EB3693761E7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{11B5DBD8-AFC5-4601-A15D-B88269DB0E73}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{38EE33AF-7ECA-482D-813C-B7FAE55AECB2}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{9AFD5EE8-BA62-400A-A3D2-C3185B5B2164}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

12-02-2016 18:46:44 Windows Update
16-02-2016 23:27:09 Windows Update
21-02-2016 13:43:22 Windows Update
26-02-2016 21:16:03 Windows Update
27-02-2016 00:10:46 Windows Update
01-03-2016 21:59:51 Windows Update
06-03-2016 09:58:31 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/06/2016 10:45:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (03/06/2016 10:45:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (03/06/2016 10:45:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (03/06/2016 10:23:46 AM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Službě Windows Search se nepodařilo vytvořit nový vyhledávací index. Došlo k vnitřní chybě <4, 0x8004117f, Nepodařilo se přidat projekt: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (03/06/2016 10:23:46 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Služba Windows Search neotevřela úložiště vlastností databázového stroje Jet.

Podrobnosti:
	0x%08x (0x8004117f - Server indexu obsahu neaktualizoval nebo nenačetl informace kvůli chybě databáze. Zastavte a restartujte vyhledávací službu. Pokud potíže potrvají, vymažte index obsahu a proveďte znovu jeho procházení. V některých případech bude pravděpodobně nutné odstranit a znovu vytvořit index obsahu.  (HRESULT : 0x8004117f))

Error: (03/06/2016 10:23:44 AM) (Source: ESENT) (EventID: 485) (User: )
Description: Windows (3776) Windows: Pokus o odstranění složky C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace odstranění složky se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (03/06/2016 10:23:34 AM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (3776) Windows: Pokus o otevření souboru C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (03/06/2016 10:23:17 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error: (03/06/2016 10:23:17 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error: (03/06/2016 10:23:17 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.


System errors:
=============
Error: (03/06/2016 10:25:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba NVIDIA Update Service Daemon přestala během spouštění reagovat.

Error: (03/06/2016 10:23:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/06/2016 10:23:47 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-2147217025, specifickou pro službu.

Error: (03/06/2016 10:22:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Publikování prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující chyby: 
%%1070

Error: (03/06/2016 10:22:01 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Search přestala během spouštění reagovat.

Error: (03/06/2016 10:21:52 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.

Error: (03/06/2016 10:21:30 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí přestala během spouštění reagovat.

Error: (03/06/2016 10:19:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/06/2016 10:19:29 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (03/06/2016 10:19:11 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT AUTHORITY)
Description: Nepodařilo se inicializovat klienta CBS. Poslední chyba: 0x8007041d


CodeIntegrity:
===================================
  Date: 2013-07-10 16:07:16.939
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-10 16:07:16.861
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-10 16:07:16.783
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-10 16:07:16.705
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-10 15:59:45.989
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-10 15:59:45.911
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-10 15:59:45.833
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-10 15:59:45.771
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-09 13:26:44.845
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-07-09 13:26:44.751
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 51%
Total physical RAM: 3936.49 MB
Available physical RAM: 1925.73 MB
Total Virtual: 7871.18 MB
Available Virtual: 5523.22 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:420.33 GB) (Free:66.07 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:30.48 GB) (Free:28.09 GB) NTFS
Drive e: () (Removable) (Total:3.82 GB) (Free:1.33 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F14442BE)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=420.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30.5 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: EB437CD5)
Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0B)

==================== End of Addition.txt ============================