Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017
Ran by Aleš (09-01-2017 18:01:57)
Running from C:\Users\Aleš\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-12-30 14:23:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2946401897-2722229576-4102065995-500 - Administrator - Disabled)
Aleš (S-1-5-21-2946401897-2722229576-4102065995-1001 - Administrator - Enabled) => C:\Users\Aleš
ASPNET (S-1-5-21-2946401897-2722229576-4102065995-1005 - Limited - Enabled)
Guest (S-1-5-21-2946401897-2722229576-4102065995-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2946401897-2722229576-4102065995-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader 9 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
CDex extraction audio (HKLM-x32\...\CDex) (Version:  - )
Creative Audio Center (HKLM-x32\...\Audio Center) (Version:  - )
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Doplněk Microsoft Save as PDF pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B0-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
ESET Smart Security (HKLM\...\{B7412400-95EF-4C4A-A887-6D6644235E7D}) (Version: 8.0.301.4 - ESET, spol s r. o.)
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version:  - )
hppMSRedist (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppusgP1000 (x32 Version: 1.1.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Název společnosti:)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
K-Lite Mega Codec Pack 7.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x64 cs) (HKLM\...\Mozilla Firefox 50.1.0 (x64 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
MrvlUsgTracking (HKLM-x32\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell)
MrvlUsgTracking64 (HKLM\...\{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}) (Version: 1.0.1 - Marvell Semiconductor Pvt Ltd)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.8 - Frank Heindörfer, Philip Chinery)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5901 - Realtek Semiconductor Corp.)
SPMT (HKLM-x32\...\{097AE5D5-478A-4F29-A8D9-95575F0A0C00}) (Version: 2.6.0 - SPMT)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.57a - Ghisler Software GmbH)
Winamp (remove only) (HKLM-x32\...\Winamp) (Version:  - )
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Zoner Photo Studio 8 (HKLM-x32\...\Zoner Photo Studio 8_is1) (Version:  - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {841620B1-9D3D-4325-8947-5D7E8D715018} - System32\Tasks\{E3F485ED-2FFA-4F17-A02E-6000D9363F7A} => pcalua.exe -a G:\SETUP.EXE -d G:\
Task: {8B578CD4-30DF-4BC6-A363-A7885444D4B2} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET Smart Security 8.0\upgrade.exe [2017-01-03] (ESET)
Task: {E0F532CE-F98E-4E8B-8F3B-5193197E69A1} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-12-30 16:36 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2016-12-31 11:14 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2016-12-30 15:34 - 2009-11-30 18:54 - 00089088 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2016-12-30 15:34 - 2009-12-08 15:52 - 00230912 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2013-04-29 23:25 - 2013-04-29 23:25 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-04-29 23:25 - 2013-04-29 23:25 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-06-18 15:49 - 2013-06-18 15:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-29 23:08 - 2013-04-29 23:08 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2016-12-31 11:19 - 2016-12-31 11:19 - 03289088 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b2d799d1\mscorlib.dll
2016-12-31 11:20 - 2016-12-31 11:20 - 01929216 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_373df7d8\system.dll
2016-12-31 11:20 - 2016-12-31 11:20 - 00835584 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_ee9100ea\system.drawing.dll
2016-12-31 11:20 - 2016-12-31 11:20 - 02994176 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_a90881ff\system.windows.forms.dll
2016-12-31 11:20 - 2016-12-31 11:20 - 02076672 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_e48b9fb2\system.xml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2946401897-2722229576-4102065995-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Aleš\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{66B8D18D-F8EE-426E-8AA2-0E87C9BA60D6}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{31FCB3CE-4E97-43B7-AE47-B2B6A41E91E8}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FA3C7ED9-61AD-492B-8B9B-4DF09C772B6C}] => C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{DB68B0D1-5AAA-4BFC-A98A-D50AD363F8A6}] => C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE

==================== Restore Points =========================

30-12-2016 21:32:47 Aktualizace Windows 7 Service Pack 1
31-12-2016 11:18:33 Installed Microsoft .NET Framework 1.1
31-12-2016 11:21:28 Installed SPMT

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/30/2016 10:04:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CTAudSvc.exe, verze: 3.11.0.0, časové razítko: 0x49a21b7a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x755e6cc4
ID chybujícího procesu: 0x2e0
Čas spuštění chybující aplikace: 0x01d262b9a6693e24
Cesta k chybující aplikaci: C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 992f6c87-ced3-11e6-b101-001e68e28243

Error: (12/30/2016 10:01:32 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: Systém událostí modelu COM+ nemohl odebrat objekt EventSystem.EventSubscription - {60042969-6CCA-46CD-81D4-22A056C989F3}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Název objektu: HB_StartScreenSaver
Popis objektu: 
Hodnota HRESULT byla 80070005.

Error: (12/30/2016 09:32:50 PM) (Source: VSS) (EventID: 12305) (User: )
Description: Chyba služby Stínová kopie svazků: Svazek nebo disk není připojen nebo nebyl nalezen. 
Kontext chyby: CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy17,0xc0000000,0x00000003,...).


Operace:
   Probíhá zpracování události PostFinalCommitSnapshots

Kontext:
   Kontext spuštění: System Provider

Error: (12/30/2016 05:26:47 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: Systém událostí modelu COM+ nemohl odebrat objekt EventSystem.EventSubscription - {60042969-6CCA-46CD-81D4-22A056C989F3}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Název objektu: HB_StartScreenSaver
Popis objektu: 
Hodnota HRESULT byla 80070005.

Error: (12/30/2016 04:37:55 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: Systém událostí modelu COM+ nemohl odebrat objekt EventSystem.EventSubscription - {60042969-6CCA-46CD-81D4-22A056C989F3}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Název objektu: HB_StartScreenSaver
Popis objektu: 
Hodnota HRESULT byla 80070005.

Error: (12/30/2016 04:07:14 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: Systém událostí modelu COM+ nemohl odebrat objekt EventSystem.EventSubscription - {5C70CD3A-8913-4D93-94F7-79182EF1B930}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Název objektu: HB_StopScreenSaver
Popis objektu: 
Hodnota HRESULT byla 80070005.

Error: (12/30/2016 03:23:18 PM) (Source: VSS) (EventID: 12344) (User: )
Description: Chyba služby Stínová kopie svazku: Byla zjištěna chyba 0x00000000c000014d během přípravy registru pro stínovou kopii
nástrojem pro zápis do registru.  Vyhledejte všechny související chyby v protokolech událostí systému a aplikace.


Operace:
   Událost OnFreeze
   Událost zmrazení

Kontext:
   Kontext spuštění: Registry Writer
   Kontext spuštění: Writer
   ID třídy modulu pro zápis: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Název modulu pro zápis: Registry Writer
   ID instance modulu pro zápis: {de50f3f3-5e3b-4ed2-88cf-0f705040b7db}

Error: (12/30/2016 03:04:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -546.

Error: (12/30/2016 03:04:46 PM) (Source: ESENT) (EventID: 412) (User: )
Description: Catalog Database (308) Catalog Database: Ze záhlaví souboru protokolu C:\Windows\system32\CatRoot2\edb.log nelze číst. Chyba -546

Error: (12/30/2016 03:04:46 PM) (Source: ESENT) (EventID: 412) (User: )
Description: Catalog Database (308) Catalog Database: Ze záhlaví souboru protokolu C:\Windows\system32\CatRoot2\edb.log nelze číst. Chyba -546


System errors:
=============
