﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2016
Ran by ppoli (2016-06-04 18:15:14)
Running from C:\Users\ppoli\Desktop
Windows 10 Pro Version 1511 (X64) (2016-04-26 18:31:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2475697587-2687881428-3418839386-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2475697587-2687881428-3418839386-503 - Limited - Disabled)
Guest (S-1-5-21-2475697587-2687881428-3418839386-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2475697587-2687881428-3418839386-1007 - Limited - Enabled)
ppoli (S-1-5-21-2475697587-2687881428-3418839386-1001 - Administrator - Enabled) => C:\Users\ppoli

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Color Cop 5.4.3 (HKLM-x32\...\Color Cop_is1) (Version:  - Jay Prall)
DiFM Listener v1.1.2 (HKLM-x32\...\DiFM Listener_is1) (Version:  - ©2008 GullySoft)
FastStone Capture 8.4 (HKLM-x32\...\FastStone Capture) (Version: 8.4 - FastStone Soft)
FastStone Image Viewer 5.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.5 - FastStone Soft)
FileZilla Client 3.18.0 (HKLM-x32\...\FileZilla Client) (Version: 3.18.0 - Tim Kosse)
GlassFish Server Open Source Edition 4.1.1 (HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version:  - )
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
High-Logic FontCreator 9 (HKLM-x32\...\FontCreator8_is1) (Version:  - High-Logic B.V.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4274 - Intel Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 91 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180910}) (Version: 8.0.910.14 - Oracle Corporation)
JetBrains PhpStorm 2016.1.2 (HKLM-x32\...\PhpStorm 2016.1.2) (Version: 145.1616.3 - JetBrains s.r.o.)
Microsoft Office 2013 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 15.0.4823.1004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 cs)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mp3tag v2.77 (HKLM-x32\...\Mp3tag) (Version: v2.77 - Florian Heidenreich)
NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.22 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4823.1004 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 368.22 (Version: 368.22 - NVIDIA Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 12.0 - PlotSoft LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Scratch Live 2.5.0 (11) (HKLM-x32\...\{EA21EB55-073F-4CF5-A964-0412E755955A}) (Version: 2.5.0 - Serato Inc LP)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WD My Cloud (HKLM\...\{4B86F896-11DC-4711-BB60-81104832FA44}) (Version: 1.0.7.17 - Western Digital Technologies, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wondershare Video Converter Ultimate 8.6.0 (HKLM-x32\...\Wondershare Video Converter Ultimate 8.6.0) (Version: 8.6.0 - Wondershare)
Wondershare Video Converter Ultimate(Build 8.6.0.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.6.0.0 - Wondershare Software)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.20-0 - Bitnami)
Xperia Companion (HKLM-x32\...\{69fb49e3-2848-40e8-9fdd-8f02e02c327a}) (Version: 1.1.24.0 - Sony)
Xperia Companion (x32 Version: 1.1.24.0 - Sony) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2475697587-2687881428-3418839386-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\ppoli\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B053AB6-9156-4499-A0BC-185D9DD81856} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-26] (Google Inc.)
Task: {10BF231E-9B80-440E-9470-85628C19957B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-26] (Google Inc.)
Task: {3ABE26A2-E56D-4B98-82BB-B4BB22DEFB22} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4DD08B4B-405F-4BCE-B69C-4BA6BD7E817D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {663DEE0B-4E5D-45A3-8A61-A5972AA740D1} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-08-04] (Realtek Semiconductor)
Task: {7635932E-8D74-4D16-82C0-F9FE8A1BA1BD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {9962E9F5-BC60-473E-8E03-6BDDAA3DF9E3} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-p.polivka@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {D90EBD8E-C106-4A4F-9EDA-B004B8C1A5CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\ppoli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Serato\Scratch LIVE\Install ASIO Drivers.lnk -> C:\Program Files (x86)\Serato\asio_installer.bat ()

ShortcutWithArgument: C:\Users\ppoli\Desktop\Miroslava - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\ppoli\Desktop\p.polivka@gmail.com.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\ppoli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Jak vytvořit zástupce Google Chrome -.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 2" --app-id=lbmjgcnhmmbmdalgcodkibjbbblgaghk
ShortcutWithArgument: C:\Users\ppoli\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Miroslava - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-04-26 20:45 - 2016-05-20 04:08 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-26 23:16 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-04-26 23:39 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-26 23:39 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-26 23:39 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-04-26 23:39 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-26 23:39 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-26 23:39 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-26 23:39 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-04-26 23:39 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-26 21:15 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-26 21:15 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-24 18:45 - 2016-05-24 18:45 - 00959168 _____ () C:\Users\ppoli\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-21 17:10 - 2015-02-27 14:38 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2016-03-28 20:07 - 2016-03-28 20:07 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-04-26 23:50 - 2016-04-26 23:51 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-09-05 22:34 - 2015-09-05 22:34 - 00405424 _____ () C:\Windows\system32\igfxTray.exe
2016-02-13 14:53 - 2016-02-13 14:53 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-18 18:34 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-18 18:34 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-18 18:34 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-18 18:34 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-18 18:34 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-30 01:10 - 2009-01-20 13:43 - 00797184 _____ () C:\Program Files (x86)\DiFM Listener\DiFM.exe
2016-01-06 18:41 - 2016-01-06 18:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-05-13 18:44 - 2016-05-13 18:44 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-05-20 03:58 - 2016-05-20 03:58 - 06068224 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\8a7758d6e78e3df78f16ac6bcbcf7f96\Windows.UI.Xaml.ni.dll
2016-05-21 17:02 - 2016-05-21 17:02 - 04276736 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\7b93f417a253d07d7d542825407973ad\Windows.ApplicationModel.ni.dll
2016-05-20 03:58 - 2016-05-20 03:58 - 00302080 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\e0fc9c7eb81f449c6fd25b09dc2dd671\Windows.Globalization.ni.dll
2016-05-21 17:02 - 2016-05-21 17:02 - 01188864 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\4e41a1053a77e24d167aad6ef88a1134\Windows.Storage.ni.dll
2016-05-21 17:02 - 2016-05-21 17:02 - 00497664 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\0c168de19f2576f13020da2bdb2a6d56\Windows.Foundation.ni.dll
2016-05-20 03:58 - 2016-05-20 03:58 - 01808896 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Networking\ac612a537bf8cbf892abb2b09802dfa2\Windows.Networking.ni.dll
2016-05-20 03:58 - 2016-05-20 03:58 - 00980480 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Security\f66fe9e936b2987a489197872ce0e691\Windows.Security.ni.dll
2016-05-21 17:02 - 2016-05-21 17:02 - 00044544 _____ () C:\Users\ppoli\AppData\Local\Packages\microsoft.windows.featureondemand.insiderhub_cw5n1h2txyewy\AC\Microsoft\CLR_v4.0\NativeImages\PilotsHub.N1e9ceace#\eede564965ec57fd6193b42d195d221b\PilotsHub.NativeHelper.ni.dll
2016-05-20 03:58 - 2016-05-20 03:58 - 01984000 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\6e466c96c9465d623ab011de004da48f\Windows.UI.ni.dll
2016-04-26 23:39 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-26 23:39 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-26 23:50 - 2016-04-26 23:51 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-26 23:50 - 2016-04-26 23:51 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-26 23:39 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-24 18:44 - 2016-05-24 18:44 - 00679624 _____ () C:\Users\ppoli\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2016-05-07 12:21 - 00002636 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 crl.verisign.net

There are 28 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2475697587-2687881428-3418839386-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ppoli\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\1_lukasz&milena-summertimepoland.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BBCA2DDD-E87D-46D8-8C11-BF25B1E427D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{861D8BD1-D8C0-4EB2-A6BF-99438A6F5615}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AC5C9A84-83BC-4EC0-8049-E4ADDB9A7FCA}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{FE40AE44-10A3-4D17-905F-58536C992FED}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B78856CC-B219-43B2-8D77-7315048C9664}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6713436A-E9F0-4000-8ACE-8AC05353C9A3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DBAA821C-F325-4C3F-A8DC-FE0705DCDE99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{775CDF5A-ED04-4818-AD5F-CE501EE9CA78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3494794F-7962-4988-84EC-82AB191603EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BED5FAE9-17BC-418A-9965-ACCF67D4CE4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{197E1153-9238-4F6B-8F2F-87E68636C9D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BDAF0FBA-8981-47F5-9ACF-5AFD2F2720F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{57ACA66F-7ADE-4BFF-BA71-3216F7CCCFF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F78CBFD2-30D8-484E-9D03-AEE29AAE5F47}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4AF0041-95B0-4970-96CB-C8BE4E271D57}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{001846A9-98CD-4AA2-99B5-924DEA19DFE0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D3D33CB3-0DDE-424C-8EBB-5590F2D30001}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{67E99DEF-2AB0-44B5-854D-8A6567E044E3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{08A894DF-3975-46F9-A5DA-007BA1656A3D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{D7D49F17-BEEC-43E1-A099-B0EC7C139C15}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{47706E1A-276D-4093-8AEE-F08315E1AA9B}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{D13BA135-7F9C-491E-A8DF-53436971E532}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{59AF60D8-57FE-4537-AD7F-6DCCB0255C27}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{958C836A-BB19-484F-B5C4-FCFD77509B13}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{D5FB6BED-15D4-4752-9C0D-7FDF2A9CB586}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{BF42DC88-F0DE-4608-832F-0BC4F348743C}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{53A88D42-1223-4415-A308-0FDCBE78E357}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [TCP Query User{290256CA-3E7A-4764-B15F-1A7214221F67}C:\program files\java\jdk1.8.0_91\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_91\bin\java.exe
FirewallRules: [UDP Query User{51F94C05-A307-4377-9AB5-57281452BB11}C:\program files\java\jdk1.8.0_91\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_91\bin\java.exe
FirewallRules: [TCP Query User{8DDA15F7-6602-49D7-BB6E-2EED3C0EC45E}C:\program files\netbeans 8.1\bin\netbeans64.exe] => (Allow) C:\program files\netbeans 8.1\bin\netbeans64.exe
FirewallRules: [UDP Query User{6F0701A4-EFE8-4CC8-BD52-21704B86F389}C:\program files\netbeans 8.1\bin\netbeans64.exe] => (Allow) C:\program files\netbeans 8.1\bin\netbeans64.exe
FirewallRules: [TCP Query User{504500E0-C9A2-4412-9770-7075F26F9F6E}C:\program files (x86)\jetbrains\phpstorm 2016.1.2\bin\phpstorm64.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 2016.1.2\bin\phpstorm64.exe
FirewallRules: [UDP Query User{E67A029E-E4E7-4B2B-AE53-28917E657622}C:\program files (x86)\jetbrains\phpstorm 2016.1.2\bin\phpstorm64.exe] => (Allow) C:\program files (x86)\jetbrains\phpstorm 2016.1.2\bin\phpstorm64.exe

==================== Restore Points =========================

18-05-2016 19:04:43 Windows Update
21-05-2016 14:28:14 Xperia Companion
28-05-2016 18:18:32 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2016 09:48:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10808438

Error: (06/03/2016 09:48:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10808438

Error: (06/03/2016 09:48:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/03/2016 09:48:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10805735

Error: (06/03/2016 09:48:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10805735

Error: (06/03/2016 09:48:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/03/2016 06:17:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60578

Error: (06/03/2016 06:17:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 60578

Error: (06/03/2016 06:17:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/03/2016 06:15:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-3AMHC7P)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (06/03/2016 06:47:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/03/2016 06:28:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_194be0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/03/2016 06:28:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_194be0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/03/2016 06:28:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_194be0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/03/2016 06:28:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_194be0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/03/2016 06:28:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/03/2016 06:16:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/03/2016 06:14:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_2e7f9 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/03/2016 06:14:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_2e7f9 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/03/2016 06:14:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_2e7f9 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
  Date: 2016-06-03 18:04:40.183
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-03 18:04:40.173
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-03 18:01:16.704
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-03 18:01:16.692
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-03 17:51:07.010
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-03 17:51:07.001
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-03 17:51:06.990
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-03 17:51:06.977
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-03 17:51:06.968
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-03 17:51:06.957
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 18%
Total physical RAM: 8103.3 MB
Available physical RAM: 6578.06 MB
Total Virtual: 14503.3 MB
Available Virtual: 12992.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.96 GB) (Free:850 GB) NTFS
Drive d: () (Removable) (Total:0.96 GB) (Free:0.96 GB) exFAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 984 MB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================