﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by Eva at 2015-05-03 13:18:10
Running from C:\Users\Eva\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4010058807-3723972284-700192988-500 - Administrator - Disabled)
Eva (S-1-5-21-4010058807-3723972284-700192988-1002 - Administrator - Enabled) => C:\Users\Eva
Guest (S-1-5-21-4010058807-3723972284-700192988-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-4010058807-3723972284-700192988-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Media MP4 to MP3 Converter 6 (HKLM-x32\...\4Media MP4 to MP3 Converter 6) (Version: 6.8.0.1101 - 4Media)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon) <==== ATTENTION
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
AVerMedia H334 MiniCard HID 10.2.64.91 (HKLM-x32\...\AVerMedia H334 MiniCard HID) (Version: 10.2.64.91 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia TV Player (HKLM-x32\...\InstallShield_{DFD1F64D-2AF0-4CE2-9752-D701E80F8D1C}) (Version: 1.8.0 - AVerMedia Technologies, Inc.)
AVerMedia TV Player (x32 Version: 1.8.0 - AVerMedia Technologies, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Comparing (HKLM-x32\...\InstallShield_{233EE2F2-EDA8-4C70-ABC3-D656D67D2CD5}) (Version: 1.00.2012.0921 - Tong child Research & Planning Co.,Ltd)
Comparing (x32 Version: 1.00.2012.0921 - Tong child Research & Planning Co.,Ltd) Hidden
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.8 - Monet+,a.s.)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
EducationPortal (HKLM-x32\...\{65487538-FF20-421B-91DB-F6634B8D264C}) (Version: 5.00.012.0903 - Lenovo)
Find the Differences (HKLM-x32\...\InstallShield_{EAA04F6D-6E10-4267-B824-C35D3B9E0155}) (Version: 1.00.2012.0920 - Tong child Research & Planning Co.,Ltd)
Find the Differences (x32 Version: 1.00.2012.0920 - Tong child Research & Planning Co.,Ltd) Hidden
Finding the Letters (HKLM-x32\...\InstallShield_{535FB733-FFCF-4460-8694-664A2F6C53B4}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd)
Finding the Letters (x32 Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden
FORM studio (HKLM-x32\...\FSCZ_is1) (Version:  - KASTNER software s.r.o.)
Fruits (HKLM-x32\...\InstallShield_{AA39BFDE-71E5-46A6-A10B-44C2F45A341E}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd)
Fruits (x32 Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.8.1000 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JUKwin 5.0.0.7 (HKLM-x32\...\JUKwin_is1) (Version:  - KOPR software)
KPrint verze 1.8.0.1 (HKLM-x32\...\KPrint_is1) (Version: 3.0.6 - KOPR software)
Lenovo Assistant (HKLM-x32\...\{B2DE4F30-B8C7-49C0-85B9-2F37A5290F00}) (Version: 2.0.0.29 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dashboard (HKLM-x32\...\{FEF1833C-244C-4DF2-AB67-1E1D26921ED8}) (Version: 2.0.0.18 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.7408 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5723.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5723.52 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)
Lenovo Rescue System (Version: 4.0.0.1901 - CyberLink Corp.) Hidden
Lenovo SoftAP (HKLM-x32\...\{F5A08FAD-697C-4952-9E7D-F741CD42F069}) (Version: 1.0.0.13 - Realtek)
Lenovo Solution Center (HKLM\...\{C51863E5-EB09-43A5-9D43-26A32587EEAC}) (Version: 2.4.002.00 - Lenovo Group Limited)
Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mammals (HKLM-x32\...\InstallShield_{ACA58CEB-2F74-4095-ADB6-4C1BFB170F64}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd)
Mammals (x32 Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Hidden
Matching Roles (HKLM-x32\...\InstallShield_{92736E44-7608-4D80-9333-E40C82B7E8B3}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd)
Matching Roles (x32 Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4010058807-3723972284-700192988-1002\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nitro Pro 9 (HKLM\...\{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}) (Version: 9.0.5.9 - Nitro)
NVIDIA Graphics Driver 332.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.92 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Puzzle (HKLM-x32\...\InstallShield_{6EB7ECE3-E3BE-481D-821B-F1AFFA244D64}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd)
Puzzle (x32 Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7093 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version:  - Seznam.cz)
Seznam Software (HKU\S-1-5-21-4010058807-3723972284-700192988-1002\...\SeznamInstall) (Version:  - Seznam.cz)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Standard (HKLM-x32\...\{73F1B10B-D6D3-4DC6-AD9E-FE40CFD44B3A}) (Version: 10900.79 - STORMWARE)
STORMWARE WINLEX (HKLM-x32\...\{5D2F8CE8-502E-4920-B786-1D61D88412E1}) (Version: 5.1.10900.3 - StormWare)
STORMWARE WINLEX (x32 Version: 5.1.10800.2 - StormWare) Hidden
STORMWARE WINLEX (x32 Version: 5.1.10900.3 - StormWare) Hidden
sudoku (HKLM-x32\...\InstallShield_{8C4715DF-8AC9-4F0A-8E35-F9B4CF318FF1}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd)
sudoku (x32 Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38475 - TeamViewer)
timer (HKLM-x32\...\InstallShield_{9CC4B8EE-A96B-4800-B674-0CF8B4560F45}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd)
timer (x32 Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4010058807-3723972284-700192988-1002_Classes\CLSID\{6614FE97-812C-4B8B-AD6F-83D07279BF02}\InprocServer32 -> C:\Users\Eva\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-4010058807-3723972284-700192988-1002_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\Eva\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-4010058807-3723972284-700192988-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Eva\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

14-04-2015 18:30:56 Scheduled Checkpoint
22-04-2015 10:51:14 Windows Update
29-04-2015 11:42:23 Scheduled Checkpoint
03-05-2015 11:36:17 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-05-03 11:36 - 00000753 ____A C:\windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost 

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0710D2E9-3270-4CBA-8075-1EEC1B0B854A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation)
Task: {0F537882-6612-4271-9CF1-CEFFD496EE25} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4010058807-3723972284-700192988-1002
Task: {15D714A5-F19E-46EA-B32A-8040080A18F4} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {1EBD4DA2-DB67-4ED2-9376-687F4A333D69} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-17] (Google Inc.)
Task: {3A2F5B4B-8543-4148-8EBC-3C0484E2FCBA} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-20] (Lenovo)
Task: {450A8BA7-49A3-4D1C-AA45-F752CE8F6101} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-17] (Google Inc.)
Task: {47814B50-89BD-4DAB-A9F9-1ED3FC24E833} - System32\Tasks\Trigger KMS Activation => C:\Install\Office 2013 64 bit - CZ\aktivator - KMSnano v19 Final\TriggerKMS.exe [2013-01-26] ()
Task: {5AB4AF63-EB30-4AAE-8E2A-768E5B98205C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {5B159476-636C-4843-9A42-8FFE9A90FE7B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for EVIK-Eva Evik => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {61B5F0AC-F88C-4297-BA62-6B438C0A06B7} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-02-20] ()
Task: {65236EAF-C285-4212-BD7E-08795DFDC3B3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {810EEF0B-9236-4AC1-A1BA-8F29E33FB805} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-09-09] (Dolby Laboratories Inc.)
Task: {99C4FC37-6934-4B88-8A5B-83E9F0DD214A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-08-18] (Lenovo)
Task: {9DF672EB-9895-4CFB-8BC4-76D65798802E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {AE5F4592-476A-458B-9B8C-B23711B7CB08} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-02-20] (Lenovo)
Task: {B0D980B5-530B-4447-B31C-90A2393EB16D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {C73A47FF-C3F8-4338-9C0A-4DE4CC583019} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {D1FCC4DD-B250-4929-9E8F-C15060559D50} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {E1E53ABA-C147-4208-9178-EDF7D25ED903} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-02-20] ()
Task: {E864173C-8EA3-4A68-897E-456FE76BCA26} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4010058807-3723972284-700192988-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {FC8A7FBC-79C6-4CC4-ABA0-9FBB7C9FC747} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-06-20 22:52 - 2014-03-27 16:48 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-01-27 09:32 - 2011-01-27 09:32 - 00027648 _____ () C:\windows\System32\ssb7mlm.dll
2014-06-20 23:14 - 2013-08-16 09:15 - 00772096 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2015-01-12 13:29 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-06-20 22:54 - 2011-08-17 05:46 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2014-06-20 23:11 - 2013-05-14 04:53 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-03-02 19:59 - 2013-04-15 13:32 - 00060416 _____ () C:\Users\Eva\AppData\Roaming\Seznam.cz\bin\27777libfoxloader-x64.dll
2013-09-09 22:13 - 2013-09-09 22:13 - 00050904 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2015-03-02 19:59 - 2013-04-12 10:13 - 00457208 _____ () C:\Users\Eva\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2014-06-20 23:14 - 2013-08-23 11:24 - 00163840 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe
2015-03-02 19:59 - 2013-04-29 12:53 - 00045560 _____ () C:\Users\Eva\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2014-06-20 22:54 - 2011-08-17 05:46 - 00024576 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2014-06-20 23:14 - 2012-06-09 12:33 - 00053248 _____ () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2015-01-12 13:58 - 2015-01-12 13:58 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-03-02 19:59 - 2013-03-25 16:39 - 00894968 _____ () C:\Users\Eva\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-03-02 19:59 - 2013-03-29 13:37 - 00059384 _____ () C:\Users\Eva\AppData\Roaming\Seznam.cz\bin\27777libfoxloader.dll
2015-01-12 13:29 - 2015-01-12 13:29 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-06-20 22:54 - 2011-05-17 22:27 - 00028672 _____ () C:\Windows\jmesoft\hidhook.dll
2009-12-05 01:59 - 2009-12-05 01:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-05 02:04 - 2009-12-05 02:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2014-06-20 22:53 - 2013-09-12 11:39 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-28 21:56 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-28 21:56 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-04-28 21:56 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Eva\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4010058807-3723972284-700192988-1002\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-4010058807-3723972284-700192988-1002\...\samsungsetup.com -> hxxp://www.samsungsetup.com
IE trusted site: HKU\S-1-5-21-4010058807-3723972284-700192988-1002\...\servis24.cz -> hxxps://www.servis24.cz


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4010058807-3723972284-700192988-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img7.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B7C56D56-D267-4D4D-9D45-C050927B58BB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{1FF33449-871D-41B7-9B2C-035D9C3315A9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{07F3A638-66FA-4FC1-8E21-C0C8BD703544}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3A974CEF-7F83-4345-8E5C-D8243B08B078}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{C98E8930-D199-4234-9745-05015645981B}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{F7B14607-CBD5-4993-9F4B-5AB6AEEAD220}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{485177C0-11ED-4745-A656-F7A54A273E8D}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{40151494-B489-4CDD-BE45-7A8B72E0946E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{91BD1DF5-6038-4C19-ADFD-E518B5B86C7F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{74007243-A8AF-4392-8F09-3D86C9184D65}] => (Allow) C:\Users\Eva\AppData\Local\Temp\KMSnano\qemu-system-i386.exe
FirewallRules: [{CDB99437-932D-4A02-9AD6-3DCF74DAADD2}] => (Allow) C:\Users\Eva\AppData\Local\Temp\KMSnano\qemu-system-i386.exe
FirewallRules: [{2DA3E3FB-4AA2-412E-AACA-D971FCF5B0DB}] => (Allow) C:\Users\Eva\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{54AFD273-5139-45C8-A09C-96A0683DDCFC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{D816559C-1A24-4957-82EC-3B5F9CC45A6E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E5315EFE-404E-443D-87B2-B8B4FF328C9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E9B0B8F8-58B9-4FCF-837A-74904EB8748D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{903D90A0-8E39-4439-97E7-990779D0613D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{411C7D29-C953-4561-92BB-C2D72831B399}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FB0A758D-44B3-4400-96EA-85B10AF58D57}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8168
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/03/2015 01:04:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Aplikaci Microsoft.BingSports_8wekyb3d8bbwe!AppexSports se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/03/2015 01:04:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Aplikaci Microsoft.BingNews_8wekyb3d8bbwe!AppexNews se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/03/2015 11:58:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Aplikaci Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/03/2015 11:46:39 AM) (Source: ssinstall) (EventID: 0) (User: )
Description: Service failed on start: ''03.05.2015'' is not a valid date

Error: (05/03/2015 11:33:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Aplikaci Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/03/2015 11:03:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Aplikaci Microsoft.BingNews_8wekyb3d8bbwe!AppexNews se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/03/2015 11:03:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Aplikaci Microsoft.BingSports_8wekyb3d8bbwe!AppexSports se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/03/2015 10:03:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Aplikaci Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/03/2015 09:48:46 AM) (Source: ssinstall) (EventID: 0) (User: )
Description: Service failed on start: ''03.05.2015'' is not a valid date

Error: (05/03/2015 09:46:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Aplikaci Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (05/03/2015 11:57:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba pcicsa.sys neuspěla při spuštění v důsledku následující chyby: 
%%2

Error: (05/03/2015 11:46:36 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba McAfee AP Service závisí na následující službě: mfevtp. Tato služba pravděpodobně není nainstalována.

Error: (05/03/2015 11:44:05 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/03/2015 11:44:05 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/03/2015 11:44:05 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/03/2015 11:44:05 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/03/2015 11:44:04 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/03/2015 11:36:37 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (05/03/2015 10:01:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba pcicsa.sys neuspěla při spuštění v důsledku následující chyby: 
%%2

Error: (05/03/2015 09:53:39 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: EVIK)
Description: 0x8000002a116\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-4010058807-3723972284-700192988-1002-0-ntuser.dat


Microsoft Office Sessions:
=========================
Error: (05/03/2015 01:04:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927148

Error: (05/03/2015 01:04:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148

Error: (05/03/2015 11:58:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink-2144927148

Error: (05/03/2015 11:46:39 AM) (Source: ssinstall) (EventID: 0) (User: )
Description: Service failed on start: ''03.05.2015'' is not a valid date

Error: (05/03/2015 11:33:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2144927148

Error: (05/03/2015 11:03:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148

Error: (05/03/2015 11:03:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927148

Error: (05/03/2015 10:03:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink-2144927148

Error: (05/03/2015 09:48:46 AM) (Source: ssinstall) (EventID: 0) (User: )
Description: Service failed on start: ''03.05.2015'' is not a valid date

Error: (05/03/2015 09:46:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EVIK)
Description: Microsoft.BingFoodAndDrink_8wekyb3d8bbwe!AppexFoodAndDrink-2144927148


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460T CPU @ 1.90GHz
Percentage of memory in use: 20%
Total physical RAM: 8092.27 MB
Available physical RAM: 6445.36 MB
Total Pagefile: 9372.27 MB
Available Pagefile: 7058.19 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:842.93 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B5AD1A79)

Partition: GPT Partition Type.

==================== End Of Log ============================