Re: Kontrola logu Vyřešeno
Napsal: 28 lis 2017 11:21
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2017
Ran by Bohumil (28-11-2017 11:13:31)
Running from C:\Users\Bohumil\Desktop
Windows 10 Home Version 1703 15063.726 (X64) (2017-07-24 10:50:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2167593211-4253963868-4146078775-500 - Administrator - Disabled)
Bohumil (S-1-5-21-2167593211-4253963868-4146078775-1001 - Administrator - Enabled) => C:\Users\Bohumil
DefaultAccount (S-1-5-21-2167593211-4253963868-4146078775-503 - Limited - Disabled)
Guest (S-1-5-21-2167593211-4253963868-4146078775-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2167593211-4253963868-4146078775-1005 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.11 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
Calendar Sync + (HKLM-x32\...\{522B1268-079C-4797-BA7F-ADDD44F3E5B0}) (Version: 1.4.0.5 - Ankesh Dave & Akanksha Gaur) Hidden
Calendar Sync + (HKLM-x32\...\{908407df-a3fc-4876-b578-917e49405878}) (Version: 1.4.0.5 - Ankesh Dave & Akanksha Gaur)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Client for Google Translate (HKLM-x32\...\Translate Client) (Version: 6.2.620 - )
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
CrystalDiskInfo 7.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.101 - EasternGraphics)
erLT (HKLM-x32\...\{A498D9EB-927B-459B-85D6-DD6EF8C2C564}) (Version: 1.20.0137 - Logitech, Inc.) Hidden
Freemake Video Converter verze 4.1.7 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.7 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
iMyFone Umate 4.7.0.4 (HKLM-x32\...\{5284F901-9F62-4462-A0E6-2E4373A64454}_is1) (Version: 4.7.0.4 - Shenzhen iMyFone Technology Co., Ltd.)
Integrated Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10120.11107 - Realtek Semiconductor Corp.)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{E6F74D3A-5E93-4DE6-BBC6-7CF175F95214}) (Version: 12.7.1.14 - Apple Inc.)
Kaspersky Anti-Virus (HKLM-x32\...\{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.8625.2127 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MySQL Connector/ODBC 5.2(a) (HKLM-x32\...\{826B011B-F3EA-47B2-BDD9-AB179E7D0E07}) (Version: 5.2.2 - Oracle Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Online Video Converter version 1.0.6 (HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\{628BF902-EB66-4BDB-97CB-AE4AAAAA5A7F}_is1) (Version: 1.0.6 - APOWERSOFT LIMITED)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0227 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Room Arranger (32-bit) (HKLM-x32\...\Room Arranger) (Version: 9.2 - Jan Adamec)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\WhatsApp) (Version: 0.2.5863 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 8 Start menu 2.2 (HKLM-x32\...\Windows 8 Start menu_is1) (Version: - PS Media s.r.o.)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: 1.01 (20.05.2014) - Xerox Corporation)
Xerox Phaser 3020 XPS (Windows (HKLM-x32\...\Xerox Phaser 3020 XPS (Windows ) (Version: 3.03.13.02:11 - Xerox Corporation)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
Zobrazit uživatelskou příručku (HKLM-x32\...\Xerox View User Guide ) (Version: 3.60.45.0 - )
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.9 - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2167593211-4253963868-4146078775-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-11-27] ()
ContextMenuHandlers1: [AGpShellExt] -> {5CD76C57-6893-478A-B776-47E7C82504BE} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [DiskInternals_cd_recovery] -> {6DD33479-D4D0-4666-93C8-F6DC46668518} => -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-11-27] ()
ContextMenuHandlers6: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {10F7A01D-337E-4028-BACD-7318A7ABE32B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-10-19] (Apple Inc.)
Task: {20633BCC-AE8A-4991-806B-8E2FC42954D3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {245309FE-219F-4B42-8675-D330D029A5FC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-11-18] (Microsoft Corporation)
Task: {34001973-DC10-447F-AF0A-7F7E74502485} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {4EFE1808-CC5E-4BE2-82AA-7DA11FECF8D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-16] (Google Inc.)
Task: {62846488-5114-48D8-A939-0926BB53B83D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
Task: {66473B43-F551-422D-B55E-A6EB1BA20D56} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {75699697-B942-4FD1-86A2-C80574017153} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {77B9932D-2ADA-49F4-9E40-EB590E7431E8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-02] (Microsoft Corporation)
Task: {7EFE7E45-781F-4969-AFA8-085C5C55E01C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {914FA67B-7E72-4BF7-A7B2-0F04FE3E03E5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-11] (Adobe Systems Incorporated)
Task: {993B11AF-8257-4028-A61B-B648A1AB50E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-16] (Google Inc.)
Task: {A17F1027-9208-41C8-805B-6D38C15A8FDE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
Task: {B7958610-09AD-41CA-8374-6E880D3A049E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {C249F1AB-C17A-4847-BAF8-7A3DB0F7EED3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)
Task: {D549B3EE-4A1E-4951-9241-C9A743DD6E1D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {DCDB7D5A-5FCC-4E5A-8708-24D9D30F088C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-11-14] (Microsoft Corporation)
Task: {E5FE688C-24C5-4EC3-99EE-32BFD9425722} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-11-18] (Microsoft Corporation)
Task: {E7B0E0D4-CF2D-4A8B-83A4-1170207F79FC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-02] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-30 17:17 - 2013-12-10 10:43 - 000034304 _____ () C:\WINDOWS\System32\sxj2mlm.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-31 12:47 - 2012-12-02 14:11 - 008197120 _____ () C:\Bohouš\AWKasa5\bin\mysqld-nt.exe
2017-11-23 09:10 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-23 09:10 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-11-01 22:05 - 2016-11-01 22:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 21:59 - 2017-03-20 05:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-11-13 13:19 - 2015-11-13 13:19 - 003097640 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
2014-04-28 07:19 - 2014-04-28 07:19 - 000184320 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2015-11-13 10:51 - 2015-11-13 10:51 - 000330240 _____ () C:\Program Files (x86)\Rainlendar2\libical.dll
2015-11-13 10:51 - 2015-11-13 10:51 - 000060928 _____ () C:\Program Files (x86)\Rainlendar2\libicalss.dll
2015-11-13 13:20 - 2015-11-13 13:20 - 000283176 _____ () C:\Program Files (x86)\Rainlendar2\plugins\GoogleCalendarPlugin.dll
2015-11-13 13:19 - 2015-11-13 13:19 - 000075816 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2014-04-28 07:19 - 2014-04-28 07:19 - 000015872 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2015-12-22 01:47 - 2015-12-22 01:47 - 000794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\kpcengine.2.3.dll
2014-11-04 10:05 - 2013-09-04 01:52 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-11-27 07:28 - 000000727 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\Control Panel\Desktop\\Wallpaper -> c:\users\bohumil\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{d173442d-9abe-48f8-958e-be355da1ad0c}.jpg
DNS Servers: 77.237.128.2 - 77.237.128.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: HiSuiteOuc64.exe => 2
MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
MSCONFIG\Services: JME Keyboard => 2
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: ssinstall => 2
HKLM\...\StartupApproved\StartupFolder: => "Translate Client.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtsCM"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LVT"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "jmekey"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "jmesoft"
HKLM\...\StartupApproved\Run32: => "RtsCM"
HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "ZAM"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4C012B0ED3B9B62D2BB8574BEDF83FCD"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "Google Photos Backup"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Bohumil\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "WinThrusterReminder"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "CalendarSyncPlusStartup"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "iCloudServices"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3FE4E117-4609-4C1B-9660-548508E46CA8}] => (Allow) C:\Users\Bohumil\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe
FirewallRules: [{13E859F6-F9CD-42F5-B1AB-B6748B940AEA}] => (Allow) C:\Users\Bohumil\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe
FirewallRules: [{49154CFA-4312-4807-8D4B-3DDF23A4D78B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E519AF3-529A-42BF-B848-FA335D006484}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EE4634CF-C943-4911-A9B1-A3E3E3BBC25D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C3CAC24D-48B8-490C-82BE-B4D5BEE269A8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{38AE5DC8-DA1A-4406-A0AB-CDD2F283C52C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{359145EE-72FA-4A13-9D85-21EC02FBE7F0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{AAFAF81D-22D1-457C-8C0A-F1D99A6F9C0D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8FCB8FF9-2108-4358-824F-EC6425D97F82}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2FDAAFF2-142C-41B0-91C4-BA8CB022259E}] => (Allow) F:\solutoinstaller.exe
FirewallRules: [{A714F50B-B4B0-4306-8819-C916B494F393}] => (Allow) F:\solutoinstaller.exe
FirewallRules: [UDP Query User{FA5E779B-9E40-4FFA-B5E5-2CD068A6F77A}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{BA3EC141-ED38-4178-A642-1ADD2AF36DB3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{5820E510-94FB-4977-AA4B-5628F33E6020}C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{95550A46-6857-4A56-A560-1E78B7D805ED}C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{44B281DD-340C-4FF9-BB79-A95BBBC4A42D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{C7784EB7-F741-4072-82FD-11933CB865BB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{AF0617D4-A140-43DF-9AB9-6C7CD58F012C}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{AA772A9F-F1DA-4C8F-A9CD-002E9684F1B0}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [TCP Query User{5B54D9EB-188E-48F4-AFF6-A37BA1B7A222}C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{F9C175D2-79DD-4F4F-8EE6-EC951874DD3B}C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{C4496C92-E572-454C-A047-40CA7B0255D0}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{E4BE4814-8BD2-4E30-9733-B204965C14DC}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{C2DA3A5C-6036-4419-A976-E6C3DE2E1ACC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe
FirewallRules: [{36401168-1EC6-45F0-89BD-7E7485F50009}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe
FirewallRules: [{18D3DAAB-07A1-4D9F-960D-DA82A7DDEDAA}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe
FirewallRules: [{D0908B37-0C05-4F32-B9B1-5AA7FD28E9C2}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe
FirewallRules: [{6E7139AA-FC9E-436B-A66A-C6A4F122007F}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe
FirewallRules: [{05AB8985-134D-4D52-A35E-1570F9561846}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe
FirewallRules: [{0C52A8DD-3ADE-4638-A532-123A889F2E05}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe
FirewallRules: [{3049FBAD-0C2B-43D1-B65C-A73622CBD0E5}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe
FirewallRules: [{6E5BDA89-69BC-4E70-8894-D3F7A53A0C7B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe
FirewallRules: [{71599AB1-83A0-4B8A-8B3C-C903CF13A23D}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe
FirewallRules: [{1530A82E-4725-4170-89D0-F5C5A8DC2F48}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{5CA4C2BA-7C6E-401B-A601-C1628CAE95E4}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{ACA4DA48-2C59-45B2-8165-9E234FE202CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{328AC374-AC13-4457-823A-EEF32A35BC97}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe
FirewallRules: [UDP Query User{CAB62C36-0BA0-4420-8453-E5DC43E33303}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe
FirewallRules: [{20863790-0141-4354-9879-E1212DB1D016}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EA41F2B9-5F76-4EAD-B4E0-83D368BEE2B2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Restore Points =========================
13-11-2017 15:40:18 Naplánovaný kontrolní bod
22-11-2017 10:28:28 Naplánovaný kontrolní bod
27-11-2017 07:15:21 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/28/2017 11:02:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (11/27/2017 08:31:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (11/27/2017 07:53:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (11/27/2017 07:34:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (11/27/2017 07:23:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LENOVO)
Description: Balíček Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.
Error: (11/27/2017 07:02:16 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (11/27/2017 07:02:16 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (11/27/2017 07:01:59 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (11/27/2017 07:01:59 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (11/27/2017 01:22:56 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
System errors:
=============
Error: (11/28/2017 11:09:00 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba HomeGroupListener skončila s následující chybou specifickou pro službu:
%%2147944153 = Pro mapovač koncových bodů nejsou k dispozici další koncové body.
Error: (11/28/2017 11:08:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.
Error: (11/28/2017 11:08:49 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x000000d1 (0xfffff80301790010, 0x00000000000000ff, 0x0000000000000000, 0xfffff802266a95ae). Výpis byl uložen do: C:\WINDOWS\Minidump\112817-34328-01.dmp. ID hlášení: a6399897-09dc-40b4-adde-4f4a09dd6461
Error: (11/28/2017 11:08:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (11:02:18, 28.11.2017) bylo neočekávané.
Error: (11/28/2017 11:03:36 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Error: (11/28/2017 11:03:36 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/28/2017 11:03:31 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/28/2017 11:03:31 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (11/28/2017 11:03:27 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Error: (11/28/2017 11:03:27 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
CodeIntegrity:
===================================
Date: 2017-11-28 10:17:25.857
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-28 09:43:32.065
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-28 07:13:38.534
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\plugins_meta.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-27 21:16:05.562
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-27 21:12:49.558
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-27 20:20:27.048
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-27 19:31:07.454
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-27 17:20:44.171
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-27 07:20:09.964
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-23 14:38:44.328
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU G3250T @ 2.80GHz
Percentage of memory in use: 54%
Total physical RAM: 4008.91 MB
Available physical RAM: 1829.1 MB
Total Virtual: 4456.91 MB
Available Virtual: 2259.18 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:439.5 GB) (Free:271.6 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0611DBD6)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by Bohumil (28-11-2017 11:13:31)
Running from C:\Users\Bohumil\Desktop
Windows 10 Home Version 1703 15063.726 (X64) (2017-07-24 10:50:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2167593211-4253963868-4146078775-500 - Administrator - Disabled)
Bohumil (S-1-5-21-2167593211-4253963868-4146078775-1001 - Administrator - Enabled) => C:\Users\Bohumil
DefaultAccount (S-1-5-21-2167593211-4253963868-4146078775-503 - Limited - Disabled)
Guest (S-1-5-21-2167593211-4253963868-4146078775-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2167593211-4253963868-4146078775-1005 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.11 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
Calendar Sync + (HKLM-x32\...\{522B1268-079C-4797-BA7F-ADDD44F3E5B0}) (Version: 1.4.0.5 - Ankesh Dave & Akanksha Gaur) Hidden
Calendar Sync + (HKLM-x32\...\{908407df-a3fc-4876-b578-917e49405878}) (Version: 1.4.0.5 - Ankesh Dave & Akanksha Gaur)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Client for Google Translate (HKLM-x32\...\Translate Client) (Version: 6.2.620 - )
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
CrystalDiskInfo 7.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.101 - EasternGraphics)
erLT (HKLM-x32\...\{A498D9EB-927B-459B-85D6-DD6EF8C2C564}) (Version: 1.20.0137 - Logitech, Inc.) Hidden
Freemake Video Converter verze 4.1.7 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.7 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
iMyFone Umate 4.7.0.4 (HKLM-x32\...\{5284F901-9F62-4462-A0E6-2E4373A64454}_is1) (Version: 4.7.0.4 - Shenzhen iMyFone Technology Co., Ltd.)
Integrated Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10120.11107 - Realtek Semiconductor Corp.)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{E6F74D3A-5E93-4DE6-BBC6-7CF175F95214}) (Version: 12.7.1.14 - Apple Inc.)
Kaspersky Anti-Virus (HKLM-x32\...\{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.8625.2127 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MySQL Connector/ODBC 5.2(a) (HKLM-x32\...\{826B011B-F3EA-47B2-BDD9-AB179E7D0E07}) (Version: 5.2.2 - Oracle Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Online Video Converter version 1.0.6 (HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\{628BF902-EB66-4BDB-97CB-AE4AAAAA5A7F}_is1) (Version: 1.0.6 - APOWERSOFT LIMITED)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0227 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Room Arranger (32-bit) (HKLM-x32\...\Room Arranger) (Version: 9.2 - Jan Adamec)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\WhatsApp) (Version: 0.2.5863 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 8 Start menu 2.2 (HKLM-x32\...\Windows 8 Start menu_is1) (Version: - PS Media s.r.o.)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: 1.01 (20.05.2014) - Xerox Corporation)
Xerox Phaser 3020 XPS (Windows (HKLM-x32\...\Xerox Phaser 3020 XPS (Windows ) (Version: 3.03.13.02:11 - Xerox Corporation)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
Zobrazit uživatelskou příručku (HKLM-x32\...\Xerox View User Guide ) (Version: 3.60.45.0 - )
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.9 - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2167593211-4253963868-4146078775-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics)
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-11-27] ()
ContextMenuHandlers1: [AGpShellExt] -> {5CD76C57-6893-478A-B776-47E7C82504BE} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers4: [DiskInternals_cd_recovery] -> {6DD33479-D4D0-4666-93C8-F6DC46668518} => -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-11-27] ()
ContextMenuHandlers6: [Kaspersky Anti-Virus 16.0.1] -> {7E2FE095-E536-4F69-AC17-997E9EAEBD4D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\shellex.dll [2015-12-22] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {10F7A01D-337E-4028-BACD-7318A7ABE32B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-10-19] (Apple Inc.)
Task: {20633BCC-AE8A-4991-806B-8E2FC42954D3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {245309FE-219F-4B42-8675-D330D029A5FC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-11-18] (Microsoft Corporation)
Task: {34001973-DC10-447F-AF0A-7F7E74502485} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {4EFE1808-CC5E-4BE2-82AA-7DA11FECF8D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-16] (Google Inc.)
Task: {62846488-5114-48D8-A939-0926BB53B83D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
Task: {66473B43-F551-422D-B55E-A6EB1BA20D56} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {75699697-B942-4FD1-86A2-C80574017153} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {77B9932D-2ADA-49F4-9E40-EB590E7431E8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-02] (Microsoft Corporation)
Task: {7EFE7E45-781F-4969-AFA8-085C5C55E01C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {914FA67B-7E72-4BF7-A7B2-0F04FE3E03E5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-11] (Adobe Systems Incorporated)
Task: {993B11AF-8257-4028-A61B-B648A1AB50E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-16] (Google Inc.)
Task: {A17F1027-9208-41C8-805B-6D38C15A8FDE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
Task: {B7958610-09AD-41CA-8374-6E880D3A049E} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {C249F1AB-C17A-4847-BAF8-7A3DB0F7EED3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)
Task: {D549B3EE-4A1E-4951-9241-C9A743DD6E1D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {DCDB7D5A-5FCC-4E5A-8708-24D9D30F088C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-11-14] (Microsoft Corporation)
Task: {E5FE688C-24C5-4EC3-99EE-32BFD9425722} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-11-18] (Microsoft Corporation)
Task: {E7B0E0D4-CF2D-4A8B-83A4-1170207F79FC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-02] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-30 17:17 - 2013-12-10 10:43 - 000034304 _____ () C:\WINDOWS\System32\sxj2mlm.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-31 12:47 - 2012-12-02 14:11 - 008197120 _____ () C:\Bohouš\AWKasa5\bin\mysqld-nt.exe
2017-11-23 09:10 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-23 09:10 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-11-01 22:05 - 2016-11-01 22:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 21:59 - 2017-03-20 05:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-11-13 13:19 - 2015-11-13 13:19 - 003097640 _____ () C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
2014-04-28 07:19 - 2014-04-28 07:19 - 000184320 _____ () C:\Program Files (x86)\Rainlendar2\lua52.dll
2015-11-13 10:51 - 2015-11-13 10:51 - 000330240 _____ () C:\Program Files (x86)\Rainlendar2\libical.dll
2015-11-13 10:51 - 2015-11-13 10:51 - 000060928 _____ () C:\Program Files (x86)\Rainlendar2\libicalss.dll
2015-11-13 13:20 - 2015-11-13 13:20 - 000283176 _____ () C:\Program Files (x86)\Rainlendar2\plugins\GoogleCalendarPlugin.dll
2015-11-13 13:19 - 2015-11-13 13:19 - 000075816 _____ () C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll
2014-04-28 07:19 - 2014-04-28 07:19 - 000015872 _____ () C:\Program Files (x86)\Rainlendar2\lfs.dll
2015-12-22 01:47 - 2015-12-22 01:47 - 000794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\kpcengine.2.3.dll
2014-11-04 10:05 - 2013-09-04 01:52 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-11-27 07:28 - 000000727 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\Control Panel\Desktop\\Wallpaper -> c:\users\bohumil\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\{d173442d-9abe-48f8-958e-be355da1ad0c}.jpg
DNS Servers: 77.237.128.2 - 77.237.128.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: HiSuiteOuc64.exe => 2
MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
MSCONFIG\Services: JME Keyboard => 2
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: ssinstall => 2
HKLM\...\StartupApproved\StartupFolder: => "Translate Client.lnk"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtsCM"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LVT"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "jmekey"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "jmesoft"
HKLM\...\StartupApproved\Run32: => "RtsCM"
HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "ZAM"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_4C012B0ED3B9B62D2BB8574BEDF83FCD"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "Google Photos Backup"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Bohumil\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "WinThrusterReminder"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "CalendarSyncPlusStartup"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-2167593211-4253963868-4146078775-1001\...\StartupApproved\Run: => "iCloudServices"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3FE4E117-4609-4C1B-9660-548508E46CA8}] => (Allow) C:\Users\Bohumil\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe
FirewallRules: [{13E859F6-F9CD-42F5-B1AB-B6748B940AEA}] => (Allow) C:\Users\Bohumil\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe
FirewallRules: [{49154CFA-4312-4807-8D4B-3DDF23A4D78B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E519AF3-529A-42BF-B848-FA335D006484}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EE4634CF-C943-4911-A9B1-A3E3E3BBC25D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C3CAC24D-48B8-490C-82BE-B4D5BEE269A8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{38AE5DC8-DA1A-4406-A0AB-CDD2F283C52C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{359145EE-72FA-4A13-9D85-21EC02FBE7F0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{AAFAF81D-22D1-457C-8C0A-F1D99A6F9C0D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8FCB8FF9-2108-4358-824F-EC6425D97F82}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2FDAAFF2-142C-41B0-91C4-BA8CB022259E}] => (Allow) F:\solutoinstaller.exe
FirewallRules: [{A714F50B-B4B0-4306-8819-C916B494F393}] => (Allow) F:\solutoinstaller.exe
FirewallRules: [UDP Query User{FA5E779B-9E40-4FFA-B5E5-2CD068A6F77A}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{BA3EC141-ED38-4178-A642-1ADD2AF36DB3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{5820E510-94FB-4977-AA4B-5628F33E6020}C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{95550A46-6857-4A56-A560-1E78B7D805ED}C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{44B281DD-340C-4FF9-BB79-A95BBBC4A42D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{C7784EB7-F741-4072-82FD-11933CB865BB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{AF0617D4-A140-43DF-9AB9-6C7CD58F012C}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{AA772A9F-F1DA-4C8F-A9CD-002E9684F1B0}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [TCP Query User{5B54D9EB-188E-48F4-AFF6-A37BA1B7A222}C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{F9C175D2-79DD-4F4F-8EE6-EC951874DD3B}C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bohumil\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{C4496C92-E572-454C-A047-40CA7B0255D0}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{E4BE4814-8BD2-4E30-9733-B204965C14DC}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{C2DA3A5C-6036-4419-A976-E6C3DE2E1ACC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe
FirewallRules: [{36401168-1EC6-45F0-89BD-7E7485F50009}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe
FirewallRules: [{18D3DAAB-07A1-4D9F-960D-DA82A7DDEDAA}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe
FirewallRules: [{D0908B37-0C05-4F32-B9B1-5AA7FD28E9C2}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe
FirewallRules: [{6E7139AA-FC9E-436B-A66A-C6A4F122007F}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe
FirewallRules: [{05AB8985-134D-4D52-A35E-1570F9561846}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe
FirewallRules: [{0C52A8DD-3ADE-4638-A532-123A889F2E05}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe
FirewallRules: [{3049FBAD-0C2B-43D1-B65C-A73622CBD0E5}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe
FirewallRules: [{6E5BDA89-69BC-4E70-8894-D3F7A53A0C7B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe
FirewallRules: [{71599AB1-83A0-4B8A-8B3C-C903CF13A23D}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe
FirewallRules: [{1530A82E-4725-4170-89D0-F5C5A8DC2F48}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{5CA4C2BA-7C6E-401B-A601-C1628CAE95E4}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{ACA4DA48-2C59-45B2-8165-9E234FE202CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{328AC374-AC13-4457-823A-EEF32A35BC97}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe
FirewallRules: [UDP Query User{CAB62C36-0BA0-4420-8453-E5DC43E33303}C:\program files (x86)\lonelyscreen\lonelyscreen.exe] => (Allow) C:\program files (x86)\lonelyscreen\lonelyscreen.exe
FirewallRules: [{20863790-0141-4354-9879-E1212DB1D016}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EA41F2B9-5F76-4EAD-B4E0-83D368BEE2B2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Restore Points =========================
13-11-2017 15:40:18 Naplánovaný kontrolní bod
22-11-2017 10:28:28 Naplánovaný kontrolní bod
27-11-2017 07:15:21 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/28/2017 11:02:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (11/27/2017 08:31:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (11/27/2017 07:53:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (11/27/2017 07:34:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (11/27/2017 07:23:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LENOVO)
Description: Balíček Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.
Error: (11/27/2017 07:02:16 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (11/27/2017 07:02:16 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (11/27/2017 07:01:59 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (11/27/2017 07:01:59 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (11/27/2017 01:22:56 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
System errors:
=============
Error: (11/28/2017 11:09:00 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba HomeGroupListener skončila s následující chybou specifickou pro službu:
%%2147944153 = Pro mapovač koncových bodů nejsou k dispozici další koncové body.
Error: (11/28/2017 11:08:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.
Error: (11/28/2017 11:08:49 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x000000d1 (0xfffff80301790010, 0x00000000000000ff, 0x0000000000000000, 0xfffff802266a95ae). Výpis byl uložen do: C:\WINDOWS\Minidump\112817-34328-01.dmp. ID hlášení: a6399897-09dc-40b4-adde-4f4a09dd6461
Error: (11/28/2017 11:08:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (11:02:18, 28.11.2017) bylo neočekávané.
Error: (11/28/2017 11:03:36 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Error: (11/28/2017 11:03:36 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/28/2017 11:03:31 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (11/28/2017 11:03:31 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (11/28/2017 11:03:27 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Error: (11/28/2017 11:03:27 AM) (Source: DCOM) (EventID: 10005) (User: LENOVO)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
CodeIntegrity:
===================================
Date: 2017-11-28 10:17:25.857
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-28 09:43:32.065
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-28 07:13:38.534
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\plugins_meta.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-27 21:16:05.562
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-27 21:12:49.558
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-27 20:20:27.048
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-27 19:31:07.454
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-27 17:20:44.171
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-27 07:20:09.964
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-23 14:38:44.328
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\product_info.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU G3250T @ 2.80GHz
Percentage of memory in use: 54%
Total physical RAM: 4008.91 MB
Available physical RAM: 1829.1 MB
Total Virtual: 4456.91 MB
Available Virtual: 2259.18 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:439.5 GB) (Free:271.6 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0611DBD6)
Partition: GPT.
==================== End of Addition.txt ============================