Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Pepi (07-04-2017 08:47:28)
Running from C:\Users\Pepi\Desktop
Windows 10 Education Version 1607 (X64) (2016-10-03 16:19:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-36918377-437131489-4245242684-500 - Administrator - Enabled) => C:\Users\Administrator
ASPNET (S-1-5-21-36918377-437131489-4245242684-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-36918377-437131489-4245242684-503 - Limited - Disabled)
Guest (S-1-5-21-36918377-437131489-4245242684-501 - Limited - Disabled)
Pepi (S-1-5-21-36918377-437131489-4245242684-1001 - Administrator - Enabled) => C:\Users\Pepi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1721, 30.05.2016 - AIMP DevTeam)
Aktualizace NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0190 - Disc Soft Ltd)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
EPSON BX305 Plus Series Printer Uninstall (HKLM\...\EPSON BX305 Plus Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
ETDWare PS/2-X64 11.6.28.201_WHQL (HKLM\...\Elantech) (Version: 11.6.28.201 - ELAN Microelectronic Corp.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GDR 4213 for SQL Server 2014 (KB3070446) (64-bit) (HKLM\...\KB3070446) (Version: 12.1.4213.0 - Microsoft Corporation)
GDR 4232 for SQL Server 2014 (KB3194720) (64-bit) (HKLM\...\KB3194720) (Version: 12.1.4232.0 - Microsoft Corporation)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Inkscape 0.92.1 (HKLM-x32\...\Inkscape) (Version: 0.92.1 - Inkscape Project)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6F73FF93-0B55-4194-AE45-C19DA1F33E97}) (Version: 6.0.3 - Intel Corporation)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 8 Update 101 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180101}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
JavaFX Scene Builder 2.0 (HKLM-x32\...\{B4665EB1-1F7A-44F5-AD07-C20A938E8BC2}) (Version: 2.0 - Oracle)
KONICA MINOLTA magicolor 1690MF (HKLM\...\KONICA MINOLTA magicolor 1690MF) (Version:  - )
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
LibreOffice 5.0.6.3 (HKLM-x32\...\{900D9036-4EDA-45EC-A095-E8AFB25D807A}) (Version: 5.0.6.3 - The Document Foundation)
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A7A76890-1134-424F-97DA-7BED0D9CFA19}) (Version: 12.1.4232.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.7766.2071 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-36918377-437131489-4245242684-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{375DE766-4467-4F48-B56B-4F543819BAB4}) (Version: 12.1.4232.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 51.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 cs)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 cs)) (Version: 45.1.1 - Mozilla)
MsActiveX (HKLM-x32\...\MsActiveX) (Version:  - )
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 - NetBeans.org)
Node.js (HKLM\...\{AA4FBC0D-2136-41E4-B914-93642B923B03}) (Version: 7.7.3 - Node.js Foundation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7766.2071 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2071 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 376.54 (Version: 376.54 - NVIDIA Corporation) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
SOLIDWORKS 2016 x64 Czech Resources (Version: 24.130.57 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP03 (HKLM-x32\...\SolidWorks Installation Manager 20160-40300-1100-100) (Version: 24.3.0.57 - SolidWorks Corporation)
SOLIDWORKS 2016 x64 Edition SP03 (Version: 24.130.57 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2016 x64 Edition SP03 (Version: 16.3.0030 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2016 SP03 x64 Edition (Version: 24.30.57 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SQL Server 2014 Common Files (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52 - Ghisler Software GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WhatsApp (HKU\S-1-5-21-36918377-437131489-4245242684-1001\...\WhatsApp) (Version: 0.2.3699 - WhatsApp)
WinDirStat 1.1.2 (HKU\S-1-5-21-36918377-437131489-4245242684-1001\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
Wondershare Filmora(Build 7.8.0) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
XnConvert 1.73 (HKLM\...\XnConvert_is1) (Version: 1.73 - Gougelet Pierre-e)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.9 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-36918377-437131489-4245242684-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1F9E1AFC-1186-4E11-A40C-2B7F7511EA9F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {33DE2381-69E5-4C1A-B58E-2873487E6765} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-19] (Google Inc.)
Task: {4417F796-EB5A-4163-880E-EF7FAB5BCBF3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-03-10] (Microsoft Corporation)
Task: {4C26DAE1-5820-4C2B-9BC3-EBC56E8D866E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-36918377-437131489-4245242684-1001UA => C:\Users\Pepi\AppData\Local\Google\Update\GoogleUpdate.exe 
Task: {4FD80837-5038-410A-9C53-245FCDEDC6AD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-36918377-437131489-4245242684-1001Core => C:\Users\Pepi\AppData\Local\Google\Update\GoogleUpdate.exe 
Task: {5CF14050-6037-4F71-821C-2FAEAC83275C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-19] (Google Inc.)
Task: {6AB69511-E93A-4DBB-8506-F464B7871A73} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-09] (Microsoft Corporation)
Task: {842E0E08-8D53-45A2-97E9-935ABB500067} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {85B766E1-0F5E-4906-9EF2-38520D818EF1} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-EPELJSD-Pepi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {9E89A345-3116-401D-BBBB-CF36DFECFBA1} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe 
Task: {A195ABCD-E3F5-497B-AF76-23A4AE631F9E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-03-10] (Microsoft Corporation)
Task: {B25C9BDD-2A85-44F8-9B32-6923D08B684D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-09] (Microsoft Corporation)
Task: {B5B38F8E-6787-471B-B452-8721B433C55B} - System32\Tasks\{7F0A8726-9444-4E32-BB30-B8E82C1509B5} => pcalua.exe -a "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\removeAdAppMgr.exe"
Task: {C523C8A0-353D-4293-A9BC-4919A0CB6B60} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-03-10] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-06-05 15:24 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-06-05 15:24 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-06-05 15:24 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-06-05 15:24 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2017-04-05 11:47 - 2017-03-24 04:09 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-06-05 15:24 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-06-05 15:24 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-06-05 15:24 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-06-05 15:24 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-15 18:39 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-03 18:10 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-15 18:39 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 18:39 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-03 19:03 - 2016-10-03 19:03 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 18:39 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 18:39 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 18:39 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 18:39 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-15 18:39 - 2017-03-04 08:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-15 18:40 - 2017-03-04 08:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-06 02:54 - 2016-04-06 02:54 - 00267672 _____ () C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldBodyDiffu.dll
2016-06-05 15:24 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-06-05 15:24 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2017-03-14 15:22 - 2017-03-14 15:22 - 03879424 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-03-28 21:31 - 2017-03-28 21:31 - 01668976 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17022.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-04-03 08:50 - 2017-04-03 08:51 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-04-03 08:50 - 2017-04-03 08:51 - 22723584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-04-03 08:50 - 2017-04-03 08:51 - 00448512 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-04-03 08:50 - 2017-04-03 08:51 - 05427200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-05 14:44 - 2016-06-05 15:07 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-04-03 08:50 - 2017-04-03 08:51 - 00435712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-04-03 08:50 - 2017-04-03 08:51 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-06-05 14:44 - 2016-06-05 15:48 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-03-27 21:16 - 2017-03-09 17:31 - 02259968 _____ () C:\Users\Pepi\AppData\Local\WhatsApp\app-0.2.3699\ffmpeg.dll
2017-04-03 08:40 - 2017-03-29 10:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-03 08:40 - 2017-03-29 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2017-03-27 21:16 - 2017-03-09 17:31 - 02917376 _____ () C:\Users\Pepi\AppData\Local\WhatsApp\app-0.2.3699\libglesv2.dll
2017-03-27 21:16 - 2017-03-09 17:31 - 00095232 _____ () C:\Users\Pepi\AppData\Local\WhatsApp\app-0.2.3699\libegl.dll
2017-04-07 08:31 - 2017-04-07 08:31 - 00486912 _____ () \\?\C:\Users\Pepi\AppData\Local\Temp\1F00.tmp.node
2016-06-05 19:18 - 2016-02-02 08:46 - 35342336 _____ () C:\Program Files (x86)\EasyPHP-Devserver-16.1\eds-binaries\dbserver\mysql5711x86x160605192228\bin\eds-dbserver.exe
2017-02-27 13:43 - 2016-09-30 01:19 - 00244106 _____ () C:\Program Files\NetBeans 8.2\ide\modules\lib\extbrowser64.dll
2017-03-20 19:37 - 2017-02-27 13:43 - 00007680 _____ () C:\Users\Pepi\AppData\Roaming\NetBeans\8.2\winp.x64.dll
2017-03-28 15:59 - 2017-03-28 04:48 - 00105984 _____ () c:\programdata\package cache\{2a002f88-fd5d-379b-a350-a25d84af128b}v14.0.25420\packages\visualc_d14\vc_ide.base\vc_ide_base.dll
2016-06-05 15:24 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-04-07 08:24 - 2017-04-07 08:24 - 00098816 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32api.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00110080 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\pywintypes27.dll
2017-04-07 08:24 - 2017-04-07 08:24 - 00364544 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\pythoncom27.dll
2017-04-07 08:24 - 2017-04-07 08:24 - 00320512 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32com.shell.shell.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00914432 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\_hashlib.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 01176576 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\wx._core_.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00806400 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\wx._gdi_.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00816128 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\wx._windows_.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 01067008 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\wx._controls_.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00733184 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\wx._misc_.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00682496 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\pysqlite2._sqlite.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00088064 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\_ctypes.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00686080 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\unicodedata.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00119808 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32file.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00108544 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32security.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00007168 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\hashobjs_ext.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00017920 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\thumbnails_ext.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00088064 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\usb_ext.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00012800 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\common.time34.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00018432 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32event.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00167936 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32gui.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00046080 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\_socket.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 01303552 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\_ssl.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00128512 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\_elementtree.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00127488 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\pyexpat.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00038912 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32inet.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00036864 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\_psutil_windows.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00524248 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\windows._lib_cacheinvalidation.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00011264 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32crypt.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00123392 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\wx._wizard.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00077312 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\wx._html2.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00027648 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\_multiprocessing.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00020480 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\_yappi.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00035840 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32process.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00078848 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\wx._animate.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00024064 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32pipe.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00010240 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\select.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00025600 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32pdh.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00017408 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32profile.pyd
2017-04-07 08:24 - 2017-04-07 08:24 - 00022528 ____R () C:\Users\Pepi\AppData\Local\Temp\_MEI40362\win32ts.pyd
2017-01-30 12:52 - 2017-01-30 12:52 - 01926632 ____R () C:\Program Files (x86)\Skype\Phone\roottools.dll
2016-06-05 19:19 - 2015-12-11 17:33 - 00407040 _____ () C:\Program Files (x86)\EasyPHP-Devserver-16.1\eds-binaries\httpserver\apache2418vc11x86x160605192228\bin\pcre.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-36918377-437131489-4245242684-1001\Software\Classes\.scr: AutoCADLTScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-04-05 16:03 - 2017-04-05 16:03 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-36918377-437131489-4245242684-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pepi\Desktop\184244124.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-36918377-437131489-4245242684-1001\...\StartupApproved\Run: => "EPSONCC9B74 (Epson Stylus Office BX305 Plus)"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{FEE725ED-78C3-49BA-9079-177850AD5E57}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{E0251FE7-3E44-4462-A2F7-0ADC12BB85F9}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{D620B34D-E846-4FE1-9114-BF5C08264846}C:\users\pepi\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\pepi\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{B5EFCC9F-67C1-4AA6-8F2C-6CD42C6ED09D}C:\users\pepi\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\pepi\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{366F265C-D3AF-4482-AAEE-B78AEB5A2AA3}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{EB8634F8-5845-4E3C-87D7-78D6DAD9B04F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [{28AB6606-F1D9-4B8D-B058-37EF176532CC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C05C77D6-C811-456E-89A7-54E72BC8F664}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
FirewallRules: [{E97A60AF-D3C1-4AD9-8D44-1EBD8A5FE2CE}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
FirewallRules: [{2F3D5278-8CB7-45C4-B078-06CCC227683E}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe
FirewallRules: [UDP Query User{464E3755-B2DB-445F-B477-546DA9C2DE3E}C:\users\pepi\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pepi\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{0D87CCE4-7AE4-4396-B669-94EE3C4F9CBD}C:\users\pepi\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pepi\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{32E0D2EA-4BEC-4336-892D-6688858945F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4DC064F6-AB71-42AC-8C50-5514302AA55E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4B6C8FFF-A54A-4279-87C5-940C0D2DE260}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{72FEEA37-FCB6-451A-8297-F1550B54E0F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7FE7508F-AF29-48F1-9C69-CF320593798E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0BA40E08-2B20-4E17-BFDC-6FE5DC4F3563}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C600A3EE-C71C-4E32-86ED-422B95FFA71D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D72DE8FF-430E-4A97-9AB9-F45C57C63D89}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5B335AB6-9EC6-46D9-AD03-C9C49FFA786F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2D0AF81-A5B8-4A0C-80B4-C4A39D02C62D}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe
FirewallRules: [{12303075-7D6C-461C-878B-7B8787A2ABF3}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe
FirewallRules: [{6C79A2FB-C043-4ACE-B279-BDC2C7777565}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2619B194-4C42-4BE7-828D-03B27A54E22E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{56BB599C-DF7C-4A0A-B2BB-E6D7ED40D0F5}] => (Allow) LPort=2869
FirewallRules: [{0CA3C5AD-3625-4C0A-A0FC-0C815694CF15}] => (Allow) LPort=1900
FirewallRules: [{61CD1A07-E6A5-4081-B7F9-32327A0A410C}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{9482B346-489D-4EF4-A8DC-91631FE95FF4}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [TCP Query User{BC198C4B-EA47-4707-ADD0-FFBDF59F3A87}C:\program files\netbeans 8.2\bin\netbeans64.exe] => (Allow) C:\program files\netbeans 8.2\bin\netbeans64.exe
FirewallRules: [UDP Query User{B7DF5390-DA7A-4BFF-9C92-95C86BEAD2D1}C:\program files\netbeans 8.2\bin\netbeans64.exe] => (Allow) C:\program files\netbeans 8.2\bin\netbeans64.exe
FirewallRules: [{6CA11293-F220-42BD-9148-EE84021145A1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{817AE7C2-9BAB-43CF-BB52-FC782E8C58BA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BC0BE1CE-F2AE-43E9-A444-15D84532A542}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C79E3D8F-E197-4F9B-BDC9-52D061617177}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{190128B9-CC68-4714-AAD4-F55BDE7C43CC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{2A25696F-A074-42F3-B936-AE72CD459FA2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{20371C7C-A8F7-4407-9DDC-8BD789BF0042}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{4F4B3390-80A6-4B8B-AFBF-667A2E3885E6}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Restore Points =========================

05-04-2017 16:00:07 4.4.2017
05-04-2017 17:01:39 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2017 08:33:51 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Event Scheduler: An error occurred when initializing system tables. Disabling the Event Scheduler.

Error: (04/07/2017 08:33:51 AM) (Source: MySQL) (EventID: 100) (User: )
Description: mysql.user has no `Event_priv` column at position 28

Error: (04/07/2017 08:33:51 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Incorrect definition of table mysql.db: expected column 'User' at position 2 to have type char(32), found type char(16).

Error: (04/07/2017 08:33:51 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Native table 'performance_schema'.'session_variables' has the wrong structure

Error: (04/07/2017 08:33:51 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Native table 'performance_schema'.'global_variables' has the wrong structure

Error: (04/07/2017 08:33:51 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Native table 'performance_schema'.'variables_by_thread' has the wrong structure

Error: (04/07/2017 08:33:51 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Native table 'performance_schema'.'session_status' has the wrong structure

Error: (04/07/2017 08:33:51 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Native table 'performance_schema'.'global_status' has the wrong structure

Error: (04/07/2017 08:33:51 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Native table 'performance_schema'.'status_by_user' has the wrong structure

Error: (04/07/2017 08:33:51 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Native table 'performance_schema'.'status_by_thread' has the wrong structure


System errors:
=============
Error: (04/07/2017 08:24:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/06/2017 06:46:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EPELJSD)
Description: Server App.AppX3tjqn33ztwrr48r45m8t5934hvhe6x38.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/06/2017 06:46:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/06/2017 02:59:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/06/2017 02:58:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Crypkey License neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (04/06/2017 02:58:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/06/2017 02:57:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/05/2017 11:15:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/05/2017 11:15:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EPELJSD)
Description: Server microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/05/2017 11:15:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EPELJSD)
Description: Server App.AppX3tjqn33ztwrr48r45m8t5934hvhe6x38.mca se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================
  Date: 2017-03-13 13:33:51.981
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-10 09:58:52.916
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\VS7Debug\msdbg2.dll that did not meet the Store signing level requirements.

  Date: 2017-03-10 09:57:27.239
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\VS7Debug\msdbg2.dll that did not meet the Store signing level requirements.

  Date: 2017-02-27 10:05:29.394
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-26 13:09:32.790
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-19 20:07:38.218
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9934c34dc6ca0c4b\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-14 11:46:45.897
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9934c34dc6ca0c4b\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-13 09:16:59.777
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9934c34dc6ca0c4b\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-27 13:10:24.274
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9934c34dc6ca0c4b\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-21 17:40:02.615
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9934c34dc6ca0c4b\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 58%
Total physical RAM: 5979.35 MB
Available physical RAM: 2458.52 MB
Total Virtual: 7899.35 MB
Available Virtual: 3654.74 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.66 GB) (Free:41.91 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: C05ABD65)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=496 MB) - (Type=27)

==================== End of Addition.txt ============================