﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-06-2016 01
Ran by plsek (2016-06-13 19:37:26)
Running from C:\Users\plsek\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-31 20:25:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-651915769-3154784787-1136458550-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-651915769-3154784787-1136458550-503 - Limited - Disabled)
Guest (S-1-5-21-651915769-3154784787-1136458550-501 - Limited - Disabled)
plsek (S-1-5-21-651915769-3154784787-1136458550-1001 - Administrator - Enabled) => C:\Users\plsek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AIDA64 Extreme v5.60 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.60 - FinalWire Ltd.)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - Frictional Games)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.5-5 - Wacom Technology Corp.)
Bloody5 (HKLM-x32\...\Bloody3) (Version: 15.06.0005 - Bloody)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
EMET 5.5 (HKLM-x32\...\{E27E74F0-0EAD-4C5D-8F6F-1C9192D24AA5}) (Version: 5.5 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
f.lux (HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\Flux) (Version:  - )
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\{0B5D7DA7-9220-392F-89C6-4C75AB36E977}) (Version: 47.0.2526.106 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HashTab 5.2.0.14 (HKLM\...\HashTab) (Version: 5.2.0.14 - Implbits Software)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.20 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.78.00 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.20 - Lenovo)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.4 - LG Electronics)
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2016 Professional Plus - sk-sk (HKLM\...\ProPlusRetail - sk-sk) (Version: 16.0.6965.2053 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.6965.2053 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.6965.2053 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM-x32\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA Ovladače grafiky 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6925.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6925.1016 - Microsoft Corporation) Hidden
Opera developer 39.0.2248.0 (HKLM-x32\...\Opera 39.0.2248.0) (Version: 39.0.2248.0 - Opera Software)
Oracle VM VirtualBox 5.0.20 (HKLM\...\{8209969B-9A31-4021-B0D8-E6F719F7F995}) (Version: 5.0.20 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{03aa02d4-8bdd-4aff-aa92-e0e8ce485faf}) (Version: latest - ppy Pty Ltd)
Ovládací panel NVIDIA 368.22 (Version: 368.22 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
PuTTY (HKLM-x32\...\{ED9EF59B-0799-428E-823D-6D2B7B4FE2E0}) (Version: 0.67.0.0 - Simon Tatham)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
RAPID Mode (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7045 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Sandboxie 5.10 (64-bit) (HKLM\...\Sandboxie) (Version: 5.10 - Sandboxie Holdings, LLC)
Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0017-0000-0000-0000000FF1CE}_Office14.SharePointDesigner_{8B883A57-E4BC-4745-8E6C-68168850F9DD}) (Version:  - Microsoft)
SNS Upload for Easy Document Creator (HKLM-x32\...\{1423B8CC-EE7F-4B57-A67C-35BAE3F177F0}) (Version: 1.0.0 - Xerox Corporartion)
Spotify (HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\Spotify) (Version: 1.0.29.92.g67727800 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (Advanced) (HKLM\...\{D342A8F4-B82B-4348-A407-F1F91CF44128}) (Version: 4.5.505.0 - Synaptics)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Transcriber 1.5.1 (HKLM-x32\...\Transcriber_is1) (Version:  - DGA)
USBPcap 1.1.0.0-g794bf26 (HKLM\...\USBPcap) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1-2) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.11.1 (Version: 1.0.11.1 - LunarG, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{22662b08-91e0-4540-bb98-c96f32e09417}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.)
WD Drive Utilities (x32 Version: 1.3.0.18 - Western Digital Technologies, Inc.) Hidden
WebTablet FB Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.0.0.1 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
Wireshark 2.0.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.2 - The Wireshark developer community, hxxps://www.wireshark.org)
Xerox Easy Document Creator (HKLM-x32\...\Xerox Easy Document Creator) (Version: 1.05.93 (11.04.2014) - Xerox Corporation)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox MFP PC Fax (HKLM-x32\...\Xerox MFP PC Fax) (Version: 1.10.22 (21.04.2014) - Xerox Corporation)
Xerox Scan Process Machine (x32 Version: 1.01.13.02 - Xerox Corporation) Hidden
Xerox WorkCentre 3225 (HKLM-x32\...\Xerox WorkCentre 3225) (Version: 1.01 (20.05.2014) - Xerox Corporation)
Zobrazit uživatelskou příručku (HKLM-x32\...\Xerox View User Guide ) (Version: 3.60.45.0 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-651915769-3154784787-1136458550-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\plsek\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {17663F54-BB9B-4CE3-AF5C-9AC55A55E8EA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-14] (Adobe Systems Incorporated)
Task: {1AC61036-73AA-4377-9BB6-4D0A6EC0D15C} - System32\Tasks\Windows Defendeer scan -Full => C:\Program Files\Windows Defender\MpCmdRun.exe [2015-10-30] (Microsoft Corporation)
Task: {2B005862-B51F-4540-BA20-5961D3440964} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-25] (Google Inc.)
Task: {2B39FD18-1EAE-436F-A7D0-39F087B8AAFA} - System32\Tasks\Windows Defender scan => C:\Program Files\Windows Defender\MpCmdRun.exe [2015-10-30] (Microsoft Corporation)
Task: {422CC540-B46E-420A-B469-E698A70F2C7D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-05-26] (Microsoft Corporation)
Task: {467719B8-F6EA-4E42-A0F4-866935F83585} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-25] (Google Inc.)
Task: {4A5E6911-84C1-4798-ADB5-0050A75D2F8D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe [2016-05-14] (Adobe Systems Incorporated)
Task: {561FD684-A5E6-4A36-BED4-32E1C7BD4EF4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {5B7CE6A5-9FD3-4966-A655-1194FEFB5B55} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-26] (Microsoft Corporation)
Task: {722C07BC-5BCF-4755-A2CD-B744C338297C} - System32\Tasks\Opera scheduled Autoupdate 1465502273 => C:\Program Files (x86)\Opera developer\launcher.exe [2016-06-02] (Opera Software)
Task: {85C4A1A9-7042-4B5E-B141-66479C943D0E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-05-26] (Microsoft Corporation)
Task: {91AF8942-5912-4155-B0B1-41555FC93A02} - System32\Tasks\{758EB444-094F-4491-8317-5BD82114C811} => pcalua.exe -a "C:\Program Files (x86)\Tencent\QQPCMgr\11.0.16779.224\Uninst.exe"
Task: {C869796B-09EF-439F-AC24-7435A5E2F932} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-26] (Microsoft Corporation)
Task: {CE876678-DDAC-4B77-AE03-FC331B0713A1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {D3068508-D9E2-481B-9654-D5717A15F0D0} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-24] (Realtek Semiconductor)
Task: {FB7E3356-5AAD-48A3-8F41-CF30B7D117CE} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\plsek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2016-05-27 20:44 - 2016-05-20 04:08 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-15 20:01 - 2013-12-06 15:50 - 00034304 _____ () C:\WINDOWS\System32\sxa7mlm.dll
2016-05-29 19:48 - 2011-09-08 17:48 - 01183096 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2016-04-13 13:04 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 13:04 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-19 19:03 - 2016-04-19 19:03 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-31 22:15 - 2015-12-31 22:15 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 17:14 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 17:14 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 17:14 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 17:14 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 17:14 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-06-09 17:12 - 2016-06-04 03:01 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-09 17:12 - 2016-06-04 03:01 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll
2016-04-19 19:03 - 2016-04-19 19:03 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 19:03 - 2016-04-19 19:03 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-14 01:41 - 2016-05-13 01:35 - 00021600 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2016-05-05 17:07 - 2016-04-29 22:10 - 00785920 _____ () D:\Programy\Steam\SDL2.dll
2016-02-04 17:14 - 2015-07-03 18:12 - 04962816 _____ () D:\Programy\Steam\v8.dll
2016-06-11 14:34 - 2016-06-10 00:24 - 02387024 _____ () D:\Programy\Steam\video.dll
2016-02-04 17:14 - 2015-07-03 18:12 - 01556992 _____ () D:\Programy\Steam\icui18n.dll
2016-02-04 17:14 - 2015-07-03 18:12 - 01187840 _____ () D:\Programy\Steam\icuuc.dll
2016-03-12 23:22 - 2016-02-09 01:14 - 02549760 _____ () D:\Programy\Steam\libavcodec-56.dll
2016-03-12 23:22 - 2016-02-09 01:14 - 00491008 _____ () D:\Programy\Steam\libavformat-56.dll
2016-03-12 23:22 - 2016-02-09 01:14 - 00332800 _____ () D:\Programy\Steam\libavresample-2.dll
2016-03-12 23:22 - 2016-02-09 01:14 - 00442880 _____ () D:\Programy\Steam\libavutil-54.dll
2016-03-12 23:22 - 2016-02-09 01:14 - 00485888 _____ () D:\Programy\Steam\libswscale-3.dll
2016-06-11 14:34 - 2016-06-10 00:24 - 00829008 _____ () D:\Programy\Steam\bin\chromehtml.DLL
2016-03-12 23:22 - 2016-02-18 00:25 - 00281088 _____ () D:\Programy\Steam\openvr_api.dll
2016-06-11 14:34 - 2016-06-01 02:21 - 49826080 _____ () D:\Programy\Steam\bin\libcef.dll
2016-01-07 16:56 - 2016-05-29 18:33 - 47503472 _____ () C:\Users\plsek\AppData\Roaming\Spotify\libcef.dll
2016-01-07 16:56 - 2016-05-29 18:33 - 01584240 _____ () C:\Users\plsek\AppData\Roaming\Spotify\libglesv2.dll
2016-01-07 16:56 - 2016-05-29 18:33 - 00082032 _____ () C:\Users\plsek\AppData\Roaming\Spotify\libegl.dll
2016-06-09 21:57 - 2016-06-02 06:38 - 70722088 _____ () C:\Program Files (x86)\Opera developer\39.0.2248.0\opera.dll
2016-06-09 21:57 - 2016-06-02 06:38 - 02224168 _____ () C:\Program Files (x86)\Opera developer\39.0.2248.0\libglesv2.dll
2016-06-09 21:57 - 2016-06-02 06:38 - 00087592 _____ () C:\Program Files (x86)\Opera developer\39.0.2248.0\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\41514542.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\67307086.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\41514542.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\67307086.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-31 00:42 - 2016-05-29 22:05 - 00000707 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-651915769-3154784787-1136458550-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: rpcapd => 3
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Xerox MFP PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "331BigDog"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => " QQPCTray"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-651915769-3154784787-1136458550-1001\...\StartupApproved\Run: => "Bloody2"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FD5E52A6-3E6D-43D0-9B3D-A75984518022}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{28934A19-76A9-4A6D-A296-500F0F6E9E59}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{D9FEAA7F-C862-41E6-AE06-18779DB9E947}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{4EEDEE9B-F826-4080-BB01-3D2D34177B3D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{EAD03F10-2F2F-4BEE-BE41-68CDD0D23814}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E2403108-20A2-4F85-AFCB-C55DCEE11A02}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{59BECA94-D7C2-4929-B846-D969D25F4381}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{A14DE9F0-E59D-453B-A6FF-472DF6F7315B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{FD1F7954-39AE-49E3-B89F-74178FD6D059}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{F926A6E9-B802-4FF0-83BC-5D181EB7735F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{3FE07E39-5A8D-4CCC-B2B2-568E77BB8B17}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{EB979867-5259-4634-B819-58785B84494A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{F27D9256-6E3E-4C52-A1F2-1E292AB06761}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{CF98B397-F5F2-489A-B060-7FF74AFC0530}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{404E3EB6-593D-401C-A1C4-4754E885A2A9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E1ADD1DD-5B88-4F1F-9CC0-07B7756C2FFF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{B4782D81-4229-4B17-8BF8-0B76F587D6E5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{69314C04-80E3-403D-8E8E-7797EFD5DB43}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{FC765E14-733F-47D2-843F-E12102AECE79}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [UDP Query User{EA92CE04-9312-4A46-912D-1E3045A2E769}E:\nová složka\utorrent.exe] => (Allow) E:\nová složka\utorrent.exe
FirewallRules: [TCP Query User{D18DB981-2C2B-4C7B-8A83-5B94CEDBBCC8}E:\nová složka\utorrent.exe] => (Allow) E:\nová složka\utorrent.exe
FirewallRules: [{3B873EB6-9194-4D27-A884-451B8382170E}] => (Allow) F:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{16D60431-B4BC-45F1-9DB4-228AFD69BF45}] => (Allow) F:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{26D3964C-E0A9-48BF-9A63-2AEBA110B170}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C86F0BFE-298E-44FC-8315-6E0433B8A5BE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{713A6117-7598-4282-8112-267E3AC9A691}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{14553C38-7D68-4D58-8677-8BB9FEBA9202}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{72C8EBD9-A995-4A64-8A77-89B41AD49D35}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D4C04B06-A00D-4B0B-AE7B-3911E8C91973}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{68C93D0D-D22E-4B2F-81D1-E163A76BBE62}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FC57DF9D-B5AE-4F1D-A9B9-11B27C7B3ED9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5AC149D4-684C-4F8B-AF85-15D88D7C7002}] => (Block) C:\Windows\explorer.exe
FirewallRules: [{1B59E05D-FDDA-4257-B9A2-61C6DB6C5D77}] => (Allow) F:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{75D157DF-E409-4600-932C-D709E88572AD}] => (Allow) F:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{877B1ACE-A4A2-45EB-A35A-F588840A4CA8}] => (Allow) F:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{DF61ED85-767D-42A0-BC8F-D853954E8308}] => (Allow) F:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{B415328F-FA44-4540-A2AD-F3B7702947CD}C:\users\plsek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\plsek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{85478F43-9EDD-4807-BF27-004843A60E6A}C:\users\plsek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\plsek\appdata\roaming\spotify\spotify.exe
FirewallRules: [{37E7A2D6-0915-4FDD-8534-39480263C659}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{42865C10-95F7-4484-87E8-D0F95BD15DF1}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{5C5CD52B-0D94-4800-BC74-97B2A48E8733}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{E1B8C81D-829B-4C92-A0B5-E39946592831}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C633395B-15C6-4E69-8916-8EB94E3E96B3}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{21F90D31-B3F4-4F99-90D6-3BE42DD849D1}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D484C616-218E-4047-B2F0-75B5F4249190}] => (Allow) D:\Programy\Steam.exe
FirewallRules: [{E3EE4123-DC5C-4F9B-BEE7-ADBDE565D86B}] => (Allow) D:\Programy\Steam.exe
FirewallRules: [{3207A180-97BC-476B-B6B9-2D2B7ED0CBDF}] => (Allow) D:\Programy\bin\steamwebhelper.exe
FirewallRules: [{A83F9356-C202-491F-B2AA-6BD4D706C5F6}] => (Allow) D:\Programy\bin\steamwebhelper.exe
FirewallRules: [{57203B8A-5F0B-4DF3-970B-E54661DF5378}] => (Allow) D:\Programy\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F8B9F3A9-CE1D-4CA5-A80A-9B6E6DDA82FE}] => (Allow) D:\Programy\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{09553FFB-42F3-4E9D-865A-66C58DEC9987}] => (Allow) D:\Programy\Steam\Steam.exe
FirewallRules: [{30762E3D-E385-44BF-AEB8-C6197074C3D3}] => (Allow) D:\Programy\Steam\Steam.exe
FirewallRules: [{5538FE69-D281-4875-85C3-3CF920D0CE82}] => (Allow) D:\Programy\Steam\bin\steamwebhelper.exe
FirewallRules: [{7E146606-6D6C-47DF-A1E9-0542A587F746}] => (Allow) D:\Programy\Steam\bin\steamwebhelper.exe
FirewallRules: [{ECC85D42-2974-46AE-A6B1-529638E517CC}] => (Allow) D:\Programy\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{42A0A186-4A3E-460F-ABE3-0385ED84A48F}] => (Allow) D:\Programy\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7157310D-0215-452F-9D42-8E065AB89EF5}] => (Allow) D:\Programy\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{17CAA575-4C79-4DEC-921E-7AA646FE5DC7}] => (Allow) D:\Programy\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{515033B3-170D-42F3-A72F-26455467C690}] => (Allow) D:\Programy\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{E8BF1D5D-75DC-4CD4-A8C7-DFBC57D1C978}] => (Allow) D:\Programy\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{F3E6D892-5D30-4E9B-AEA7-D5A58B547EFC}] => (Allow) D:\Programy\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{BBA338D6-03B3-4A15-9375-A657512D0976}] => (Allow) D:\Programy\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{83EC6EC8-2549-4030-895F-09EB3FFFCC91}] => (Allow) D:\Programy\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{AE0A718F-E9B1-4FC9-950A-EAD3DE719B88}] => (Allow) D:\Programy\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{C50BCC77-38F8-4140-BC9C-D211B337DC79}] => (Allow) D:\Programy\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{623DB2D2-80D3-4D7B-BF4E-B2951E4CEF75}] => (Allow) D:\Programy\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{DD191B8B-9119-4E3C-8DBF-EC15C089A1E7}] => (Allow) D:\Programy\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{F12D961F-F47C-4D79-98E2-285AF1B57C17}] => (Allow) D:\Programy\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{CBA3DD4B-2B86-43A7-B268-BD4E4B7617DF}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{3B736654-FAFE-4EE2-B790-5A7E3D7864AA}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{A5E94AB8-A8BA-4A88-A877-DD63CB3FDA6F}] => (Allow) D:\Programy\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{71589909-739C-4FB4-8241-1072BFAB3BB8}] => (Allow) D:\Programy\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [TCP Query User{BD54BA1B-1844-4232-96C8-DF14543E87F4}C:\users\plsek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\plsek\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8DF3EF30-4853-4AFD-A876-EB6E1A8FFC30}C:\users\plsek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\plsek\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{B6FDCE9F-3602-44BF-A0BC-1ABA0847829E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9C5FB49F-23D9-4657-8EBE-89784DE5462B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{FF1F26CA-37D9-42BF-BCB3-B2053F9C760B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{04AF6C0C-111D-4660-B20A-2CF98E0E21E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{6352648D-AA98-42DB-A0EB-D67AADF45620}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [{EB677625-4DAC-43A7-896E-B3D99ED8C533}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [{6B4C4179-6308-47C2-8DAB-29242BD32C50}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [{5B8745EF-55E1-41D1-B89A-D1163641A93D}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [{35988667-75C2-4E10-9916-A9D3A5424FEC}] => (Block) %ProgramFiles%\VueScan\vuescan.exe
FirewallRules: [{AB678086-E902-40D6-A83B-80B5CDB244E2}] => (Block) %ProgramFiles%\VueScan\vuescan.exe
FirewallRules: [{EEAA1696-E476-4DDC-8861-E439515B9BA1}] => (Allow) C:\Windows\twain_32\Xerox\WC3225\ScanCDLM\ScanCDLM.exe
FirewallRules: [{2927A409-AEB5-4B6F-A934-A1EB65E21C54}] => (Allow) C:\Windows\twain_32\Xerox\WC3225\ScanCDLM\ScanCDLM.exe
FirewallRules: [{B35587B0-04D7-403C-AB93-67E113A64EBE}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{49991134-93B9-4A25-8A4A-A1731D90B86A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{68484F7C-076D-41A0-ABF2-209B2ECD0E0F}] => (Allow) C:\Program Files (x86)\Xerox\Easy Document Creator\EDC.exe
FirewallRules: [{D5F7C5E9-48CB-4726-ABAE-B21A7E01DF89}] => (Allow) C:\Program Files (x86)\Xerox\Easy Document Creator\EDC.exe
FirewallRules: [{979B9996-E5FB-4D6B-9D2E-3EC58CAC28F5}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{148C5C81-7D91-4354-8B06-C7862463FB59}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C96DD7CA-6187-4E2E-A3B5-27EDC47A90EC}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{F63D608D-6B26-4091-A089-2256D4AFDA19}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{8DBFA295-A787-431C-B9CA-D82C18F78E66}] => (Allow) D:\Programy\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{F39872EC-56B4-4E4F-8BDB-2869C0373E89}] => (Allow) D:\Programy\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{1679F384-EAAE-4C22-B251-51A80E0A8E1C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F8EE7227-0B57-473B-AF66-DAF900C804AF}] => (Allow) E:\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{5409B395-0484-4186-B974-36B5CDE15DA6}] => (Allow) E:\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{86740D6E-CF5F-4DA9-B198-710E67E1F255}] => (Allow) E:\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{438BCE8F-F886-43F1-BFFB-3CC9D68FE3E2}] => (Allow) E:\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{710FFE6A-6146-42AA-9EE9-985ACE653C5F}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe
FirewallRules: [{EC11D710-69EC-4F2B-9726-0090942ACC48}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe
FirewallRules: [{6F48B947-5D54-48E8-B0D4-D462B880ABAB}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe
FirewallRules: [{E2D132A9-5FCA-4559-9BFB-2E2E4574BCC9}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe
FirewallRules: [{989E9168-C9A5-4DB6-BFF8-B78EC31C9529}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe
FirewallRules: [{C98C769A-0ACE-4CE3-897C-14256453587B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe
FirewallRules: [{4244E06E-8CD8-4D58-93C8-AA59BC327E33}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe
FirewallRules: [{AFC3DE3D-8152-49F4-B963-6109808755C0}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe
FirewallRules: [{76C120D1-1978-4B3D-8910-43E575A86E49}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe
FirewallRules: [{1EEAFF25-047B-40A0-B43D-28F3A0E79D25}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe
FirewallRules: [{F7565BE7-0C2E-401C-8362-7C5DBE5C1771}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{6B88ADAA-9ACA-41C4-AF81-368C975C1093}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{5ED1AC08-F4B1-47D3-A5CD-BF2FA8B61FB7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{39B774D5-5A47-4ABB-A462-141D19E9873C}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{18CDEF8D-0AF0-4099-886A-CB3264921230}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{7BA221F4-845E-49CC-8AA0-4733CFCE622C}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{8A59A8B2-42EB-41AE-9EA2-7901F794FBFC}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{AB5E7E1D-01C0-42C3-9FD6-76B2DACDCDB2}] => (Allow) D:\Programy\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{EBE69BAC-CFBC-40A8-A521-5DB5DD98AE8B}] => (Allow) D:\Programy\Steam\steamapps\common\Team Fortress 2\hl2.exe

==================== Restore Points =========================

01-06-2016 17:00:48 Windows Update
04-06-2016 13:55:15 Installed Oracle VM VirtualBox 5.0.20
10-06-2016 20:47:32 RAPID

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/13/2016 06:00:14 PM) (Source: BiometricSensorDataSynchronization) (EventID: 0) (User: )
Description: BiometricSensorDataSynchronizationWTSQueryUserToken failed with 0000003f0

Error: (06/13/2016 05:06:01 PM) (Source: BiometricSensorDataSynchronization) (EventID: 0) (User: )
Description: BiometricSensorDataSynchronizationWTSQueryUserToken failed with 0000003f0

Error: (06/13/2016 05:05:37 PM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2760) Proces se ukončuje kvůli neopravitelnému selhání: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS).

Error: (06/13/2016 04:57:59 PM) (Source: BiometricSensorDataSynchronization) (EventID: 0) (User: )
Description: BiometricSensorDataSynchronizationWTSQueryUserToken failed with 0000003f0

Error: (06/13/2016 04:57:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NOTEBOOK)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (06/13/2016 04:55:50 PM) (Source: BiometricSensorDataSynchronization) (EventID: 0) (User: )
Description: BiometricSensorDataSynchronizationWTSQueryUserToken failed with 0000003f0

Error: (06/12/2016 07:21:03 PM) (Source: BiometricSensorDataSynchronization) (EventID: 0) (User: )
Description: BiometricSensorDataSynchronizationWTSQueryUserToken failed with 0000003f0

Error: (06/12/2016 11:07:19 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/12/2016 11:07:18 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/12/2016 11:04:26 AM) (Source: BiometricSensorDataSynchronization) (EventID: 0) (User: )
Description: BiometricSensorDataSynchronizationWTSQueryUserToken failed with 0000003f0


System errors:
=============
Error: (06/13/2016 06:00:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:58:58, ‎13.‎06.‎2016) bylo neočekávané.

Error: (06/13/2016 05:58:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/13/2016 05:05:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba State Repository byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (06/13/2016 05:05:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_4ff02 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/13/2016 05:05:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_4ff02 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/13/2016 05:05:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_4ff02 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/13/2016 05:05:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_4ff02 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (06/13/2016 05:05:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (06/13/2016 05:05:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (06/13/2016 05:05:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Microsoft EMET Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
  Date: 2016-06-12 10:50:14.686
  Description: Code Integrity determined that a process (\Device\HarddiskVolume10\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume10\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-12 08:32:27.826
  Description: Code Integrity determined that a process (\Device\HarddiskVolume10\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume10\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-11 14:57:24.461
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-10 22:50:44.123
  Description: Code Integrity determined that a process (\Device\HarddiskVolume10\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume10\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-09 17:22:14.051
  Description: Code Integrity determined that a process (\Device\HarddiskVolume10\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume10\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-08 16:13:48.057
  Description: Code Integrity determined that a process (\Device\HarddiskVolume10\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume10\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-07 19:34:58.269
  Description: Code Integrity determined that a process (\Device\HarddiskVolume10\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume10\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-06 20:06:26.548
  Description: Code Integrity determined that a process (\Device\HarddiskVolume10\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume10\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-04 22:54:56.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume10\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume10\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-04 22:16:19.478
  Description: Code Integrity determined that a process (\Device\HarddiskVolume10\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume10\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4000M CPU @ 2.40GHz
Percentage of memory in use: 64%
Total physical RAM: 8089.96 MB
Available physical RAM: 2854.38 MB
Total Virtual: 9369.96 MB
Available Virtual: 3779.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:116.16 GB) (Free:34.09 GB) NTFS
Drive d: () (Fixed) (Total:115.7 GB) (Free:38.29 GB) NTFS
Drive e: (Místní disk) (Fixed) (Total:449.86 GB) (Free:372.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 02E8778F)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================