Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-02-2017
Ran by Jana (21-02-2017 14:58:11)
Running from C:\Users\Jana\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-13 10:12:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1565215568-3205290119-767311498-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1565215568-3205290119-767311498-503 - Limited - Disabled)
Guest (S-1-5-21-1565215568-3205290119-767311498-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1565215568-3205290119-767311498-1002 - Limited - Enabled)
Jana (S-1-5-21-1565215568-3205290119-767311498-1000 - Administrator - Enabled) => C:\Users\Jana
UpdatusUser (S-1-5-21-1565215568-3205290119-767311498-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0029 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.1.2286 - AVAST Software)
Balíček ovladače systému Windows - ASUS (ATP) Mouse  (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
doPDF (Version: 8.2.929 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{1922fb50-7bb8-4221-8187-60436f4e3f87}) (Version: 8.2.929 - Softland)
Dropbox (HKU\S-1-5-21-1565215568-3205290119-767311498-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.12.108.1 - Intel Security)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
K-Lite Mega Codec Pack 10.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1565215568-3205290119-767311498-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{17E7C163-EB00-4829-B5FC-F5FB92D22163}) (Version: 8.2.929 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{C4327631-0186-4EFF-A504-D468CB087D01}) (Version: 8.2.929 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{48CFCB4B-0488-4711-B54E-E8E3F5929166}) (Version: 8.2.929 - Softland)
NVIDIA Ovladače grafiky 359.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.46 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
Ovládací panel NVIDIA 369.09 (Version: 369.09 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.527 (x32 Version: 3.55.2393.527 - Avast Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1565215568-3205290119-767311498-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1565215568-3205290119-767311498-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1565215568-3205290119-767311498-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1565215568-3205290119-767311498-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1565215568-3205290119-767311498-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01E84EFB-BDBB-4754-8D2B-0494DF025813} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {04201F5B-118B-45E5-8E5C-BCC4ECB8173B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {04EE6510-C35E-4D02-8281-4CB2151E8547} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {10F3774B-B77D-437E-A2DA-E245519DB252} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {116D26CF-647C-4CDB-A7B8-49949DAC7831} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {140FA9D1-84F5-4C11-B28C-5D934853FAAE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1433265F-7636-4493-A034-2532D08DBFCE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {16448CF7-610E-4470-9292-578ABDFB51B8} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {18837749-4A65-48BD-BB99-205338B059F8} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {18AFFE96-9769-4355-9E35-4A1A9E6DCDA6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {1996402B-9151-4F07-BD79-93F3C89B708F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {1ACF8FAC-0A45-4D90-8E9F-4C378FC00375} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1FABF193-1C40-4CE3-8E2E-859B426A4500} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {29063E12-1D7B-4E3B-8D75-E69D377A565B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {2B48AD6A-0CA1-4090-B848-ABAD56FEA520} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {2EDF09C4-B65C-4EDD-97CE-96CAA4C8741D} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-12-20] (ASUS)
Task: {308D5D85-1471-4667-99C3-1AEFDE8FA966} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {3653CC2E-076F-45C7-929A-B0D681DACC60} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-02-13] (AVAST Software)
Task: {36FE911C-1C53-4FFB-9DEC-5B58A5439412} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe 
Task: {39230A90-9BAE-42B8-8099-071DBDF969D0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {39EBA340-04AF-4FF6-80F1-1E7FBC721566} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {3D377538-33BB-4CEC-BBC6-4E274AA7B1D0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {4174F865-BA3C-4E5E-8C40-46829A3BFCA6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {4510A3D1-A4EE-4BBA-B7F1-7F5D6EBF5292} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {4610AB9E-2C08-490B-9A4D-D25FB6269032} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {51A1F374-E819-4110-A925-F7B7A9A17813} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {53F2D863-26F2-4CE5-9BF4-2386C9D72DBB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {59E98B94-DA36-4373-A220-D94D08BAB727} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {62376B02-4307-432E-B59F-3CBE08C5F524} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2015-02-27] ()
Task: {673A71AF-E82C-4DE3-A229-9096B4E9588E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {72D0D588-F4ED-4B12-BFC1-BC4FD3F34893} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-02-21] (AVAST Software)
Task: {78782136-B33C-41DD-B29E-71FE5B66A8C9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7997E047-BB75-45B5-A380-12C97951A358} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {851A72DE-43A0-42B7-BEA3-FE3C014E7521} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {85EA8DA0-F469-478D-AD9F-8FCAFBA17300} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {8A5A30E2-49A1-42B6-97D9-3267666E38E7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {9109A174-697F-429A-B11A-9811C1B27E39} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {95D5FE38-375E-4CC4-8C82-47897A988610} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {A6FBF4FE-16B8-4367-BBFA-2BA9B2DB141C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {AB5431A4-527C-413B-B371-4430D521F5E6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {B8D3C41B-1EF5-4CB3-A35A-4F6EE25B8494} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {B98A5BB6-3B99-44D1-BF6A-A9972F6F7865} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe 
Task: {BED20723-8217-43FF-8DC1-205A3CE8A464} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-01-11] (ASUSTek Computer Inc.)
Task: {C0079A90-D69A-4B5F-8842-C8ABD981D1E9} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {C1AB9998-0390-4471-9B56-2EEC48D7D5E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C22EE58D-8042-4FA2-AB81-4571A12EE29E} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {C45E7A2A-717D-401E-8BDA-24585FD899C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C7E27E3D-A3BA-43E8-A7AD-EBDC957AA7DF} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {CC6DE269-01D7-42AA-B770-6B4E5475E516} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E76F9B0B-ADAA-4A0E-A5EC-551715E1AB5B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {EB37571D-9645-4D62-982D-2A75834D551D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-15] (Adobe Systems Incorporated)
Task: {F0E63A59-31B2-4DBB-A4A5-79E3D60CDBCB} - System32\Tasks\SafeZone scheduled Autoupdate 1469871318 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-02-03] (Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 15:09 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-13 10:41 - 2016-08-01 13:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-27 12:49 - 2015-02-27 12:49 - 00137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
2010-07-14 16:11 - 2010-07-14 16:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2016-12-15 15:09 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-13 11:26 - 2016-10-13 11:26 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-10 21:07 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-10 21:06 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-10 21:06 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-10 21:06 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-10 21:06 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-10 21:06 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-08 03:52 - 2017-02-08 03:52 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-01-10 16:48 - 2017-01-10 16:48 - 65784544 _____ () C:\Program Files\Intel Security\True Key\Application\libcef.dll
2017-01-22 09:58 - 2017-01-22 09:58 - 00174080 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.12.12200.0_x64__8wekyb3d8bbwe\CellNativeClientUniversal.dll
2016-11-23 18:59 - 2016-11-23 18:59 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 18:59 - 2016-11-23 18:59 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-06 21:23 - 2016-06-06 21:23 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 18:59 - 2016-11-23 18:59 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 18:59 - 2016-11-23 18:59 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2017-02-21 09:10 - 2017-02-21 09:10 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-24 18:31 - 2016-07-24 18:31 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-21 09:09 - 2017-02-21 09:09 - 00289328 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-02-21 09:10 - 2017-02-21 09:10 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-12-15 15:09 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-02-03 18:48 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-03 18:47 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-02-21 09:28 - 00000828 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1565215568-3205290119-767311498-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1565215568-3205290119-767311498-1003\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{162F433C-4CAE-4ABF-91AC-2A6594BF95A2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{11274690-701C-4598-81E3-ABC64378D943}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{272A7173-4519-4599-B357-87F3377EE76E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6730F285-B032-43DE-8DE9-1AA85FD3E2A4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4A19D213-45E3-4CEC-B888-1F8DBCD7199C}] => (Allow) LPort=8501
FirewallRules: [{C8645DD9-7CF7-42A5-89CC-6A51B015A4EA}] => (Allow) LPort=8501
FirewallRules: [{62A8595F-50E3-4384-AF76-5A9A5BDA8DCD}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{89CEC689-43D2-49FB-ADB6-C91B1260E43D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5047CB01-E1CC-4B5B-8E00-AE8BAE693696}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/21/2017 02:22:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Jana-PC)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/21/2017 02:22:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Jana-PC)
Description: Aplikace Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen se nespustila ve stanovenou dobu.

Error: (02/21/2017 12:33:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe, verze: 10.0.14393.0, časové razítko: 0x5789907f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000a06b6
ID chybujícího procesu: 0x1a00
Čas spuštění chybující aplikace: 0x01d28c365e3722c6
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\rundll32.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: cdb3addc-8e37-47f4-aa8e-5a6a780660ac
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/21/2017 12:33:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe, verze: 10.0.14393.0, časové razítko: 0x5789907f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000a06b6
ID chybujícího procesu: 0x227c
Čas spuštění chybující aplikace: 0x01d28c3649f299c4
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\rundll32.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: efff88e2-3709-4d01-b636-f6c48e5ba5ae
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/21/2017 12:31:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe, verze: 10.0.14393.0, časové razítko: 0x5789907f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000a06b6
ID chybujícího procesu: 0x205c
Čas spuštění chybující aplikace: 0x01d28c36104ff75c
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\rundll32.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a0285df8-16e7-49cd-914b-594ab896264f
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/21/2017 12:31:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe, verze: 10.0.14393.0, časové razítko: 0x5789907f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000a06b6
ID chybujícího procesu: 0x157c
Čas spuštění chybující aplikace: 0x01d28c35fc769477
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\rundll32.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3d023e49-7867-4dd1-a555-6f7bad88325e
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/21/2017 12:31:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe, verze: 10.0.14393.0, časové razítko: 0x5789907f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000a1dd2
ID chybujícího procesu: 0x27b0
Čas spuštění chybující aplikace: 0x01d28c35fc83025e
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\rundll32.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: efcf7d46-2f2f-483a-a139-c245bddc3eff
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/21/2017 12:30:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe, verze: 10.0.14393.0, časové razítko: 0x5789907f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000a1dd2
ID chybujícího procesu: 0x27a4
Čas spuštění chybující aplikace: 0x01d28c35f673bf5f
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\rundll32.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5df2c700-f69a-4dfc-96fe-3e59d785ff74
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/21/2017 12:26:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Jana-PC)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/21/2017 10:00:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rundll32.exe, verze: 10.0.14393.0, časové razítko: 0x5789907f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000a06b6
ID chybujícího procesu: 0xc4c
Čas spuštění chybující aplikace: 0x01d28c20f7c2b10b
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\rundll32.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 94ab1198-68d7-4ace-9423-3f67a5c39cf0
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/21/2017 02:22:52 PM) (Source: DCOM) (EventID: 10010) (User: Jana-PC)
Description: Server WindowsDefaultLockScreen se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/21/2017 09:34:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{3185A766-B338-11E4-A71E-12E3F512A338}
 a APPID 
{7006698D-2974-4091-A424-85DD0B909E23}
 uživateli NT AUTHORITY\NETWORK SERVICE (SID: S-1-5-20) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/21/2017 09:27:36 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače ROBERT-HP,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{9CCE834B-5D22-4227-A0B9-B16B67657934}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (02/21/2017 09:22:07 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba NVIDIA Update Service Daemon přestala během spouštění reagovat.

Error: (02/21/2017 09:20:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Defender byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Spustit nakonfigurovaný program pro obnovení.

Error: (02/21/2017 09:15:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/21/2017 09:15:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby FontCache3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (02/21/2017 09:15:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/21/2017 09:15:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/21/2017 09:14:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba InstallerService neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.


CodeIntegrity:
===================================
  Date: 2017-02-21 09:20:41.383
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-21 09:20:41.097
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-14 00:39:02.411
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-01-14 00:39:02.292
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-01-14 00:39:02.011
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-01-14 00:39:01.500
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-01-14 00:39:01.314
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-01-14 00:39:01.167
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-01-14 00:38:55.403
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-01-14 00:38:53.169
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentage of memory in use: 70%
Total physical RAM: 3981.55 MB
Available physical RAM: 1175.96 MB
Total Virtual: 8077.55 MB
Available Virtual: 4664.26 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:105.29 GB) (Free:49.29 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:825.78 GB) (Free:582.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 741D2ACD)
Partition 1: (Active) - (Size=105.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=825.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================