Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by haras (07-08-2018 16:16:07)
Running from C:\Users\haras\Desktop
Windows 10 Pro Version 1803 17134.165 (X64) (2018-07-04 18:23:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3522996398-1289702608-3104221131-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3522996398-1289702608-3104221131-503 - Limited - Disabled)
Guest (S-1-5-21-3522996398-1289702608-3104221131-501 - Limited - Disabled)
haras (S-1-5-21-3522996398-1289702608-3104221131-1001 - Administrator - Enabled) => C:\Users\haras
WDAGUtilityAccount (S-1-5-21-3522996398-1289702608-3104221131-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
ARCHICAD 21 INT (HKLM\...\001FFF2FFF21FF00FF0701F01F02F000-R1) (Version: 21.0.0.4022 - GRAPHISOFT)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
CodeMeter Runtime Kit v6.40b (HKLM\...\{B886AE2E-9106-44C4-BE91-7A7F2EF5962F}) (Version: 6.40.2405.502 - WIBU-SYSTEMS AG)
Crk (HKLM-x32\...\Crk 4.42) (Version: 4.42 - x)
Dropbox (HKLM-x32\...\Dropbox) (Version: 54.4.90 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GRAPHISOFT BIMx Desktop Viewer (HKLM-x32\...\103FFFFFFF21FF00FF2801F01F02F000-R1) (Version: 21.0 - GRAPHISOFT)
GRAPHISOFT License Manager Tool (HKLM\...\118FFF2FFF20FF00FF0701F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 5.0.1120 - KYOCERA Document Solutions Inc.)
Microsoft Office 2016 pro profesionály - cs-cz (HKLM\...\ProfessionalRetail - cs-cz) (Version: 16.0.10325.20082 - Microsoft Corporation)
Microsoft Office Professional 2016 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 16.0.10325.20082 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3522996398-1289702608-3104221131-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0407-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
Služba Xperia Companion (HKLM\...\{15BAF400-C4AC-45CD-86D4-986DD7EBF14A}) (Version: 2.1.12.0 - Sony) Hidden
Spotify (HKU\S-1-5-21-3522996398-1289702608-3104221131-1001\...\Spotify) (Version: 1.0.86.337.ga8d5cef9 - Spotify AB)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.30-6 - Wacom Technology Corp.)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.40 of 2016-Dec-22 (Build 2402) (Setup) - WIBU-SYSTEMS AG)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
x (HKLM-x32\...\x 5) (Version: 5 - MS)
Xperia Companion (HKLM-x32\...\{0785ee9f-59ca-46b1-861d-edbe859a85c9}) (Version: 2.1.12.0 - Sony)
Xperia Companion (HKLM-x32\...\{AF8E220D-5B8C-4F8C-B1D9-487D27E2202F}) (Version: 2.1.12.0 - Sony) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Programy\Avast\ashShA64.dll [2018-07-04] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Programy\Avast\ashShA64.dll [2018-07-04] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\Winrar\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\Winrar\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Programy\Avast\ashShA64.dll [2018-07-04] (AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Programy\Avast\ashShA64.dll [2018-07-04] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\Winrar\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\Winrar\rarext32.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {030CA9E9-0B2F-4128-90B4-656ADAD0E34A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Orchestrator => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe [2018-02-24] (MS) <==== ATTENTION
Task: {0E22674E-C272-45FB-A9C4-E099777CDE28} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Shutdown => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe [2018-02-24] (MS) <==== ATTENTION
Task: {104C5D68-AF01-4C5C-A0F3-9FEFC2EECABB} - System32\Tasks\Microsoft\Windows\Tasks\Taskcleaner => C:\Program Files (x86)\InstallShield Installation Information\Tasks\taskscleaner.exe
Task: {202DE0EB-642E-4C68-B5E0-C62D8F31E558} - System32\Tasks\CCleaner Update => D:\Programy\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)
Task: {3790D3D2-9B6C-4B07-B7B1-FAB09C22B988} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation)
Task: {45404B13-FDB9-4B52-A9D6-CED948BFB901} - System32\Tasks\Microsoft\Windows\Tasks\Taskorganizer => C:\Program Files (x86)\InstallShield Installation Information\Tasks\taskscleaner.exe
Task: {4574A2BF-F762-44DB-AFD6-B9AF50C6DDE3} - System32\Tasks\Microsoft\Windows\Setup\Hostfixer => C:\Program Files (x86)\Windows NT\Hostprotector\hostprotector.exe [2018-04-18] (MS)
Task: {463C7C78-25A6-4386-8F00-830716BDC9E6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Orchestratorservice => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestratorservice.exe [2018-05-29] (MS) <==== ATTENTION
Task: {53360D37-F187-4C95-A30E-FD64A5EC9988} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-07-04] (Dropbox, Inc.)
Task: {549919BA-BEA5-4783-87D1-BCB594C2E1E8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-07-04] (Dropbox, Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6AB96889-CD70-4E3B-9379-C11BBAA975ED} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {6B762AEB-E118-486F-9818-85B4CF94DA22} - System32\Tasks\Microsoft\Windows\Defrag\DefragService => C:\WINDOWS\SysWOW64\dfrcmd.exe [2016-04-14] ()
Task: {72EA4DE2-B4D1-46F3-859E-C18AAF012EB1} - System32\Tasks\CCleanerSkipUAC => D:\Programy\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)
Task: {73A8EA72-4FC3-4407-BCF2-0F76322DEB8C} - System32\Tasks\Avast Emergency Update => D:\Programy\Avast\AvEmUpdate.exe [2018-07-04] (AVAST Software)
Task: {7A372934-F486-4F9B-8AB5-62FA4A83BFB8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-31] (Microsoft Corporation)
Task: {7DF498D5-4B05-4329-B1A2-594872423E3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-04] (Google Inc.)
Task: {885FB811-9747-478D-BF4A-401A03F9296A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-04] (Google Inc.)
Task: {8A62D03A-F2EF-440D-9CB8-9C553351B378} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe [2018-07-31] (Microsoft Corporation)
Task: {8FAD6373-9530-4FD7-AED7-DA7E10321738} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation)
Task: {A61365AC-3335-40FE-A4C8-FB96E652DA82} - System32\Tasks\Microsoft\Windows\Time Synchronization\Time Synchronization module => C:\Program Files (x86)\Windows NT\Time Synchronization\timesync.exe
Task: {B4DC25A0-314E-4B13-B9A0-164979094055} - System32\Tasks\Microsoft\Windows\Management\ServiceCoordinator => C:\Program Files (x86)\Common Files\Microsoft Shared\VSTE\service.exe
Task: {B597AB65-6D36-47B0-9F9D-46912E93D50F} - \Microsoft\Windows\UpdateOrchestrator\Sleep -> No File <==== ATTENTION
Task: {C469BAAB-8DEE-4C4C-AE7E-C792D956A610} - System32\Tasks\Microsoft\Windows\Enumerator\Enumerator => C:\Program Files (x86)\Common Files\Enumerator\enumerator.exe
Task: {DDE2D8BA-DE67-4BEC-8786-434733A77BB4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-07-04] (AVAST Software)
Task: {DF0987A7-0DE1-44A8-8DAF-4A1AFDA5B8C5} - \Microsoft\Windows\UpdateOrchestrator\Hybernate -> No File <==== ATTENTION
Task: {DF597E63-62D7-439E-9F3A-0B79BC8A8C54} - System32\Tasks\Microsoft\Windows\Migrator\Migrator => C:\Program Files (x86)\Common Files\Migrator\migrator.exe
Task: {E5F9D0D3-B900-45DC-B47B-661CD01B7919} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {F5294A92-2D34-40C3-AE1D-7B9EDE81C4EB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-31] (Microsoft Corporation)
Task: {F7E2E955-6F63-498A-8BD2-2DB9E40680E2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\ForcedShutdown => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestratorservice.exe [2018-05-29] (MS) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-11 19:14 - 2018-07-06 08:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-11 19:07 - 2018-06-19 22:37 - 002288072 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2018-07-17 19:55 - 2018-07-17 19:55 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-17 19:55 - 2018-07-17 19:55 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-17 19:55 - 2018-07-17 19:55 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-17 19:55 - 2018-07-17 19:55 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-17 19:55 - 2018-07-17 19:55 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-07-27 08:10 - 2018-07-27 08:10 - 035195392 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-07-27 08:10 - 2018-07-27 08:10 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-07-27 08:10 - 2018-07-27 08:10 - 006373376 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-04-12 17:56 - 2018-04-12 17:56 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-27 08:10 - 2018-07-27 08:10 - 008903168 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-07-27 08:11 - 2018-07-27 08:11 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-07-27 08:11 - 2018-07-27 08:11 - 068154880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-07-04 20:57 - 2018-07-04 20:59 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-07-17 19:55 - 2018-07-17 19:55 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-07-04 20:57 - 2018-07-04 20:58 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-07-17 19:55 - 2018-07-17 19:55 - 004139008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-07-17 19:55 - 2018-07-17 19:55 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-07-04 20:57 - 2018-07-04 20:59 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-07-27 08:11 - 2018-07-27 08:11 - 014919168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-07-17 19:55 - 2018-07-17 19:55 - 003982848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-07-27 08:11 - 2018-07-27 08:11 - 002938880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-07-04 20:57 - 2018-07-04 20:59 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-17 19:55 - 2018-07-17 19:55 - 001396224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-07-27 08:11 - 2018-07-27 08:11 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-27 08:11 - 2018-07-27 08:11 - 000162816 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\SKU.dll
2018-07-31 19:49 - 2018-07-31 19:50 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-31 19:49 - 2018-07-31 19:50 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-31 19:49 - 2018-07-31 19:50 - 007814144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-07-19 21:39 - 2018-07-19 21:39 - 004173312 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1806.1821.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-07-04 21:01 - 2018-07-04 21:01 - 000634880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1806.1821.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-04 20:34 - 2018-06-22 21:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-07-04 20:34 - 2018-06-22 21:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2018-07-04 20:48 - 2018-07-04 20:48 - 067126928 _____ () D:\Programy\Avast\libcef.dll
2018-07-04 20:46 - 2018-07-04 20:46 - 000483544 _____ () D:\Programy\Avast\streamback.dll
2018-07-04 20:46 - 2018-07-04 20:46 - 000282840 _____ () D:\Programy\Avast\gaming_mode_ui.dll
2018-08-01 21:37 - 2018-07-31 03:25 - 001108672 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-08-01 21:37 - 2018-07-31 03:25 - 002247872 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-07-04 20:38 - 2018-07-31 03:28 - 000021704 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:26 - 000022752 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000135840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:26 - 001881816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:26 - 000023768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:25 - 000111760 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-07-04 20:38 - 2018-07-31 03:25 - 000103576 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 000069320 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:26 - 000080064 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:25 - 000400016 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-07-04 20:38 - 2018-07-31 03:25 - 000024728 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000043680 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:25 - 000021656 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000125080 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000114848 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000392392 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000030432 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000024736 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000175768 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000024728 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000026264 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000048800 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000058016 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000024784 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:26 - 000022728 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000026336 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000070360 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:26 - 000025296 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-08-01 21:36 - 2018-07-31 03:28 - 000029904 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 003866304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000089272 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 001800896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 001960640 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000028824 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 000155856 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 000521920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 000051400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 000043720 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 000131264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 000220872 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 000205512 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000061080 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000056536 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000024224 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000025304 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000023776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000022752 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000023768 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:26 - 000028392 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:25 - 000348312 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 000102088 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000024800 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:26 - 000026840 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:25 - 000036496 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-08-01 21:37 - 2018-07-31 03:26 - 000034528 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:25 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-07-04 20:38 - 2018-07-31 03:28 - 000023776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:26 - 000181432 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-07-04 20:38 - 2018-07-31 03:28 - 000031952 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:26 - 000024752 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-08-01 21:37 - 2018-07-31 03:26 - 001638576 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-07-04 20:38 - 2018-07-31 03:28 - 000090840 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd
2018-07-04 20:38 - 2018-07-31 03:28 - 000027352 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 000547008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-08-01 21:37 - 2018-07-31 03:27 - 000360128 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3522996398-1289702608-3104221131-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\haras\Pictures\Camera Roll\DSC_0022.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{88F2D2DD-6598-497F-BAA0-CF4A3195999E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CEBAD40C-03FB-4D9E-9C92-7B4F575E7C4B}] => (Allow) D:\Programy\Avast\AvEmUpdate.exe
FirewallRules: [{97F93C5F-A7F7-468E-B2A0-22A1B1D02B91}] => (Allow) D:\Programy\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{6759AB45-4D8E-445C-B8E5-CA504B2EA42E}C:\users\haras\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\haras\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{417DE6E3-3C20-4D39-84C9-706C6ABAB495}C:\users\haras\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\haras\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E12395AC-0DB5-4D9C-9BC5-921776B0739D}] => (Block) C:\users\haras\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6ED51825-9FBB-4618-A74D-34AD9F643061}] => (Block) C:\users\haras\appdata\roaming\spotify\spotify.exe
FirewallRules: [{DB6EC18E-7B5D-4873-BDCA-5CB66C44C6E3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A69A18DB-5073-48E9-8D00-6442FDB55521}] => (Block) D:\Programy\Archicad\ARCHICAD.exe
FirewallRules: [{013A7B8A-7BB3-43D9-8150-D0CDCC92D20E}] => (Allow) D:\Programy\Archicad\BIMxUploader.exe
FirewallRules: [{DEB34114-B1AD-4325-89E8-E405021B2F0E}] => (Block) D:\Programy\Archicad\OverwatchServer.exe
FirewallRules: [{59A6AE28-4A16-4973-B2CF-0B04A909D8A7}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{9AA0213A-87EB-4711-9971-E99D79E7DDFE}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{777C8FF8-9596-4134-B7D1-3B95440C9933}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{1CFF05F3-8C5B-49AC-8C18-24E38182FC48}] => (Allow) C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe
FirewallRules: [{57F2DA2E-5B78-4970-998F-0BCF7E487D38}] => (Allow) LPort=9422
FirewallRules: [{F3C005BA-6612-43B6-AD4E-51D878BAAB99}] => (Allow) LPort=9245
FirewallRules: [{183A41E3-4731-42CF-9650-F358EEAFEEE5}] => (Allow) LPort=9246
FirewallRules: [{06B0F1A1-74B5-4D27-9963-154EC808911C}] => (Allow) LPort=9247
FirewallRules: [{5BAB0184-1FFB-47B8-B45C-18B1656A6A10}] => (Allow) D:\Programy\CCleaner\CCUpdate.exe
FirewallRules: [{F999AEFA-4B75-4413-AA5D-DAF915A3C8CC}] => (Allow) D:\Programy\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{D7895B6F-9DC2-4628-8471-FFB997B81A90}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8E04330E-F16F-4BFC-84FB-DD81FA4E34F5}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe
FirewallRules: [{FC877D19-CB03-484E-91AE-53C0118D62A6}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{111C2C9D-80AD-49AE-B37C-81E25A71ACCE}] => (Allow) C:\Program Files (x86)\Windows NT\Hostprotector\Hostprotector.exe
FirewallRules: [{A6F35423-4D09-437F-8D12-B3BCF2D412BD}] => (Allow) C:\Program Files (x86)\InstallShield Installation Information\{FA285575-B543-4E6E-A573-A5F534AC9955}\msdtc.exe
FirewallRules: [{6DCF30B4-392B-4788-909D-7DE86A40BFC0}] => (Allow) C:\WINDOWS\SysWOW64\dfrcmd.exe
FirewallRules: [{BD207FC6-4A8B-4F42-990D-55B373819A2B}] => (Allow) C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestratorservice.exe
FirewallRules: [{3B256577-17DE-49BC-9B02-C26D6C06898C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/01/2018 04:11:10 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: x -- Error 4106. An error was encountered while creating a scheduled task: '\Microsoft\Windows\SearchIndexer\Search Indexer.job'. Error description: Nebylo provedeno mapování mezi názvy registrací a ID zabezpečení.

Error: (07/29/2018 01:13:24 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: x -- Error 4106. An error was encountered while creating a scheduled task: '\Microsoft\Windows\SearchIndexer\Search Indexer.job'. Error description: Nebylo provedeno mapování mezi názvy registrací a ID zabezpečení.

Error: (07/27/2018 09:11:05 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: x -- Error 4106. An error was encountered while creating a scheduled task: '\Microsoft\Windows\Setup\Hostprotector.job'. Error description: Nebylo provedeno mapování mezi názvy registrací a ID zabezpečení.

Error: (07/26/2018 09:11:06 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: x -- Error 4106. An error was encountered while creating a scheduled task: '\Microsoft\Windows\Setup\Hostprotector.job'. Error description: Nebylo provedeno mapování mezi názvy registrací a ID zabezpečení.

Error: (07/26/2018 07:40:38 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-5MMGONN)
Description: httphttp-2147467263

Error: (07/11/2018 07:05:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Startup.exe, verze: 11.5.0.593, časové razítko: 0x49bc924a
Název chybujícího modulu: DIRAPI.dll, verze: 11.5.0.593, časové razítko: 0x49bc87c9
Kód výjimky: 0xc0000005
Posun chyby: 0x0003ea41
ID chybujícího procesu: 0x26b8
Čas spuštění chybující aplikace: 0x01d419396e6b4e45
Cesta k chybující aplikaci: C:\WINDOWS\TEMP\RarSFX1\webife\Startup.exe
Cesta k chybujícímu modulu: C:\WINDOWS\TEMP\RarSFX1\webife\Xtras\DIRAPI.dll
ID zprávy: 2a12c842-8882-4ba2-901a-39c8daf2a007
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (07/11/2018 07:05:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Startup.exe, verze: 11.5.0.593, časové razítko: 0x49bc924a
Název chybujícího modulu: DIRAPI.dll, verze: 11.5.0.593, časové razítko: 0x49bc87c9
Kód výjimky: 0xc0000005
Posun chyby: 0x0003ea41
ID chybujícího procesu: 0x1be8
Čas spuštění chybující aplikace: 0x01d419396e4f8b53
Cesta k chybující aplikaci: C:\WINDOWS\TEMP\RarSFX0\webife\Startup.exe
Cesta k chybujícímu modulu: C:\WINDOWS\TEMP\RarSFX0\webife\Xtras\DIRAPI.dll
ID zprávy: cb2453f2-ed81-4735-83d0-22c3df2055be
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (07/07/2018 04:30:01 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (9692,G,0) Pokus o otevření souboru C:\Users\haras\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (08/07/2018 03:01:44 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (08/07/2018 01:57:40 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5MMGONN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-5MMGONN\haras (SID: S-1-5-21-3522996398-1289702608-3104221131-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/07/2018 01:35:54 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (08/07/2018 01:05:04 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5MMGONN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-5MMGONN\haras (SID: S-1-5-21-3522996398-1289702608-3104221131-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/07/2018 12:47:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5MMGONN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-5MMGONN\haras (SID: S-1-5-21-3522996398-1289702608-3104221131-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/07/2018 12:35:05 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (08/07/2018 12:03:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5MMGONN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-5MMGONN\haras (SID: S-1-5-21-3522996398-1289702608-3104221131-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/07/2018 11:52:07 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


==================== Memory info =========================== 

Processor: AMD FX(tm)-8350 Eight-Core Processor 
Percentage of memory in use: 24%
Total physical RAM: 16333.5 MB
Available physical RAM: 12413.24 MB
Total Virtual: 18765.5 MB
Available Virtual: 14687.51 MB

==================== Drives ================================

Drive c: (Programy) (Fixed) (Total:111.33 GB) (Free:62.78 GB) NTFS
Drive d: (Úložiště) (Fixed) (Total:931.17 GB) (Free:676.33 GB) NTFS

\\?\Volume{4c8a5c91-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.26 GB) NTFS
\\?\Volume{4c8a5c8c-0000-0000-0000-40d51b000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 4C8A5C91)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 4C8A5C8C)
Partition 1: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=467 MB) - (Type=27)

==================== End of Addition.txt ============================