Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2017
Ran by greenhorn (12-01-2017 19:04:20)
Running from C:\Users\greenhorn\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-13 09:36:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2946792676-692352388-3923824208-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2946792676-692352388-3923824208-503 - Limited - Disabled)
greenhorn (S-1-5-21-2946792676-692352388-3923824208-1002 - Administrator - Enabled) => C:\Users\greenhorn
Guest (S-1-5-21-2946792676-692352388-3923824208-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-2946792676-692352388-3923824208-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.30.0 - Mirillis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Advanced SystemCare 10 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 10.1.0 - IObit)
Aiseesoft Screen Recorder 1.0.8 (HKLM-x32\...\{DD85E531-C84E-4247-B7A3-5F0C22D276DB}_is1) (Version: 1.0.8 - Aiseesoft Studio)
Apex All in One PDF Tools 2.4.8.2 (HKLM\...\Apex All in One PDF Tools_is1) (Version: 2.4.8.2 - apexsofts.com)
Artisteer 4 (HKLM-x32\...\Artisteer 4) (Version: 4.0 - Extensoft)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
CinemaHD 4 Free (HKLM-x32\...\{d6fdf5fc-8c5f-48c0-a314-83b565e1dc97}) (Version: 4.0.5533.27229 - Engelmann Media GmbH)
CinemaHD 4 Free (x32 Version: 4.0.5533.27174 - Engelmann Media GmbH) Hidden
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
CoffeeCup Free FTP (HKLM-x32\...\CoffeeCup Free FTP 4.2) (Version: 4.2 - CoffeeCup Software, Inc.)
COLOR projects professional (64-Bit) (HKLM\...\COLOR_PROJECTS_1_3_C935FDA1_is1) (Version: 1.14 - Franzis Verlag GmbH)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.0 - Conexant)
CrazyTalk Animator Standard (HKLM-x32\...\{789567FD-CAA2-4E1C-B38E-9072B3015FFD}) (Version: 1.2.2010.1 - Reallusion Inc.)
CrazyTalk v7.32 Standard (HKLM-x32\...\{27C4EA98-84A3-4CDF-A436-F984A0283357}) (Version: 7.32.3114.1 - Reallusion Inc.)
CSE HTML Validator Standard v12.03 (HKLM-x32\...\CSEHTMLVALIDATOR120_is1) (Version: 12.3.0.0 - AI Internet Solutions LLC)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3617.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.3617.0 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Energy Manager (x32 Version: 1.5.0.21 - Lenovo) Hidden
EOP NMN Master 1.5.6.8 (HKLM-x32\...\EOP NMN Master_is1) (Version: 1.5.6.8 - cn.everyonepiano.com)
EOP Video Recorder 1.0 (HKLM-x32\...\EOP Video Recorder_is1) (Version: 1.0.12.2 - everyonepiano.com)
EOPSheetMusic 1.1 (HKLM-x32\...\EOPSheetMusic_is1) (Version: 1.1.7.4 - EveryonePiano.com)
EveryonePiano 1.9 (HKLM-x32\...\EveryonePiano_is1) (Version: 1.9.5.11 - EveryonePiano.com)
Ext2Fsd 0.48 (HKLM\...\Ext2Fsd_is1) (Version: 0.48 - Matt Wu)
F1 2015 version 1.0 (HKLM-x32\...\{F8180751-C7B2-407F-BD4F-55A6C8FF5F14}_is1) (Version: 1.0 - Codemasters)
Filter Forge 4.015 (HKLM-x32\...\Filter Forge 4_is1) (Version:  - Filter Forge, Inc.)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HD Video Converter Factory Pro 9.4 (HKLM-x32\...\HD Video Converter Factory Pro) (Version: 9.4 - WonderFox Soft, Inc.)
Chord Pickout 3.0 (HKLM-x32\...\Chord Pickout 3.0) (Version: 3.0 - ChordPickout.com)
Icecream PDF Split and Merge verze 3.04 (HKLM-x32\...\{95DC4DB4-99FB-4FB2-ADBD-97F194EDEB4D}_is1) (Version: 3.04 - Icecream Apps)
Inpaint 6.2 (HKLM\...\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1) (Version:  - Teorex)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{06A5031E-3B1E-4FB9-AC4C-BA0FE2706152}) (Version: 17.1.1433.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.510 - IObit)
IQmango 3D Player 4.5.4 (HKLM-x32\...\{6F350D5E-D458-4003-8B6E-E3AC95C230C0}_is1) (Version: 4.5.4 - cyan soft ltd)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
KB Piano 2.5.1 GOTD (HKLM-x32\...\KB Piano_is1) (Version:  - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
Krita Desktop (x64) 2.9.5.2 (HKLM\...\{E90EE369-46ED-4A9D-A99C-87FFAD5C4709}) (Version: 2.9.5.2 - Krita Foundation)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 2.0.0.19 - Lenovo) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
LibreOffice 4.4 Help Pack (Czech) (HKLM-x32\...\{680F9EF4-F1B8-4F1A-8D81-A867677C63C2}) (Version: 4.4.3.2 - The Document Foundation)
LibreOffice 5.0.0.5 (HKLM\...\{A4D51ECF-D046-46F5-935F-2B3A6ADF89D9}) (Version: 5.0.0.5 - The Document Foundation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.266 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MP3 Toolkit 1.1 (HKLM-x32\...\MP3 Toolkit_is1) (Version:  - MP3Toolkit.com)
MPEG Video Wizard DVD 5.0.1.108 (06/2013) (HKLM-x32\...\{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1) (Version: 5.0.1.108 - Womble Multimedia, Inc.)
MultiMark PRO 1.0.0 (HKLM-x32\...\{5B89B590-4714-4069-BE7C-152D935D23DE}_is1) (Version: 1.0.0 - DicoLab B.V.)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 -  Microsoft)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.33 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Pdf Editor (HKLM-x32\...\{729E66B3-1B80-4F3F-8D29-342A89631E0A}_is1) (Version:  - )
Pdf Editor (HKLM-x32\...\{739126B3-1B80-4F1F-8D59-312A19633E1A}_is1) (Version:  - )
PDF Impress 10 (HKLM\...\{55B278A0-F58B-4D42-84FB-2D463672F62A}) (Version: 69.11.216 - BinaryNow, Inc.)
PDF Merge&Split (HKLM-x32\...\PDF Merge&Split) (Version: 2.0.1 - Epubor Inc.)
Photo Background Remover 1.4 (HKLM-x32\...\Photo Background Remover_is1) (Version: 1.4 - SoftOrbits)
PhotoStitcher 1.6 (HKLM\...\{299EB32D-0525-4482-A8B5-1F30725AB6F1}_is1) (Version:  - Teorex)
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10614 - CyberLink Corp.)
Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version:  - IObit)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.8.2500 - Jan Fiala)
RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version:  - Password Unlocker Studio)
Real-Draw PRO 4.0 (HKLM-x32\...\Real-Draw PRO_is1) (Version:  - Mediachance)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
RegRun Reanimator (HKLM-x32\...\UnHackMe Update - Reanimator_is1) (Version:  - Greatis Software, LLC.)
ScreenCamera registered to GiveAwayOfTheDay version 3.1.1.41 (HKLM-x32\...\{D47A18EF-38BC-4951-A344-9800D3BF4D53}_is1) (Version: 3.1.1.41 - PCWinSoft Software)
Seznam Software (HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\SeznamInstall) (Version:  - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.103 - Skype Technologies S.A.)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.4 - IObit)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com)
Sothink Media Toolkit 1.0.0.0 (14/09/2015) (HKLM-x32\...\Sothink Media Toolkit_is1) (Version:  - Zhang Qingming)
StarCam Genie (HKLM-x32\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.20.0.302 - Micro-Star Int'l Co.,Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1230 - SUPERAntiSpyware.com)
SuperEZ Wave Editor Pro v12.2.6 (HKLM-x32\...\SuperEZ Wave Editor Pro_is1) (Version:  - SuperEZMedia Development Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.0 - Synaptics Incorporated)
Synthesia (remove only) (HKLM-x32\...\Synthesia) (Version:  - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Topfield Tools (HKLM-x32\...\{74B58083-B5B9-46a5-847C-248F97FF2A56}) (Version:  - Topfield)
TuneUp Utilities Language Pack (en-US) (x32 Version: 9.0.2000.10 - TuneUp Software) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Video Watermark Pro (HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\VideoWatermarkPro) (Version:  - WonderFox Soft, Inc. All Rights Reserved.)
VideoReDo TVSuite Version 3.1.5.564 (HKLM-x32\...\VideoReDoTVSuite_is1) (Version:  - DRD Systems, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Wondershare PDF Converter (Build 4.0.5) (HKLM-x32\...\{A888A8D1-ACCB-4EBE-AAA8-903D2B8FB6A4}_is1) (Version: 4.0.5 - Wondershare Software)
WOW Slider (HKLM-x32\...\WOW Slider_is1) (Version:  - )
Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\ChromeHTML: ->  <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2946792676-692352388-3923824208-1002_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E27CC70-7133-4EA1-B0EB-6A2A0AA969DB} - System32\Tasks\Uninstaller_SkipUac_greenhorn => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-12-15] (IObit)
Task: {14273116-A1C7-4F9B-BE66-0E0CD9D02A8C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {16E0FF43-CB32-4556-ACA1-008C2950DE0A} - System32\Tasks\Driver Booster SkipUAC (greenhorn) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {213F253A-693B-4831-AC45-E5D0F4E976C0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2E26C8FB-134C-41B4-8DC7-2675F0155B9D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {488DBA8F-1E8C-40D9-936A-DF541A22DF67} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4A26DBEA-93A6-4B3A-881B-FF239556B915} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4AF2C86F-337A-4814-AF26-A5214CFEB5F7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4B5349A8-B248-44B5-9213-07C6D2559C28} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4FF824C4-3FDB-4D1A-86F1-ED31B0DB4E1C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {584B67DE-8085-453D-A28A-687FE489DAC1} - System32\Tasks\Symantec\Norton Error Analyzer 5.2.0.13 => C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\SymErr.exe
Task: {5D72A228-0F08-4730-B15C-77475C9A6104} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {620A53D4-623A-4BFD-AB45-D5B597671305} - System32\Tasks\ASC10_SkipUac_greenhorn => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-12-20] (IObit)
Task: {65F00D0F-4D09-4065-88DD-D450AD7E2363} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {73B83335-6B8E-406D-8BA4-875278C4C5AA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {77E7E302-DFD6-468E-8464-0D90DDDF23A4} - System32\Tasks\ASC10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-12-05] (IObit)
Task: {83A35758-9D37-4552-90A5-44D7B127F295} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8A4A9882-A632-4FEE-ADF3-50BB10817939} - System32\Tasks\Symantec\Norton Error Processor 5.2.0.13 => C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\SymErr.exe
Task: {8B60E7D5-5C95-488C-BE15-35A3A1345881} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {8D484CAC-A2A0-4A43-8DEE-51F4505EFBF9} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe
Task: {951C9692-9B64-4698-9B79-C476048E6440} - System32\Tasks\ChelfNotify Task => C:\ProgramData\ChelfNotify\BrowserUpdate.exe [2016-06-30] (Tencent) <==== ATTENTION
Task: {9EDA2194-018D-4B81-A5D6-BA25AE8A1064} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {A4F3349E-75F2-4631-82CF-659C80E48A9B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B2E063F1-43B0-4145-A6B7-1E5AF58F8FFD} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {B6E8F704-F66B-4DB3-AE2C-76114A606C9D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B7846577-7C74-4C02-901F-A3C7F66BB1AC} - System32\Tasks\{2D0C8188-21D5-4BBB-9204-BB34BFDEA392} => pcalua.exe -a "C:\Program Files (x86)\Common Files\OverZentouch\uninstall.exe" -c -f "C:\Program Files (x86)\Common Files\OverZentouch\uninstall.dat" -a uninstallme FFCF2174-491F-4010-BD70-9A2ADDAC183D DeviceId=94515257-636f-65ca-04b3-89783b6e465a BarcodeId=50027003 ChannelId=3 DistributerName=APSnapdoAMRev
Task: {B990CD8D-1835-45E2-948D-BC5EBC136C10} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {B9D46F7B-460A-45BA-A7C4-A68C0732A49E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {B9F7DFA7-E2CF-44E2-8BC6-A158A8534BF5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {C0EB2385-CF84-49A1-8B7A-F1CCD0B99139} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-01] (Google Inc.)
Task: {C6B95B83-A115-45F5-8362-0D658226047E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-01] (Google Inc.)
Task: {D5611631-8BE3-437E-A989-CDD8A3EA66CA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_197_pepper.exe [2016-03-23] (Adobe Systems Incorporated)
Task: {DB606336-9EF1-4EA0-A291-750EA09D9E36} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_197_pepper.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_greenhorn.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-13 10:11 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-28 11:00 - 2014-11-28 11:00 - 00133440 _____ () C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
2017-01-06 22:11 - 2017-01-06 22:11 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-11 19:09 - 2016-09-11 19:10 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-10-22 15:28 - 2006-09-18 13:12 - 00843776 _____ () C:\Windows\vsnpstd3.exe
2016-11-01 23:05 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-01-06 22:11 - 2017-01-06 22:11 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-17 13:52 - 2016-09-17 13:52 - 00560768 _____ () C:\Program Files (x86)\KuaiZip\X64\KZipShell.dll
2015-06-20 09:19 - 2014-11-02 16:45 - 00029184 _____ () C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2016-03-13 18:59 - 2016-03-13 18:59 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-09-11 18:00 - 2016-09-11 18:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2017-01-06 22:11 - 2017-01-06 22:11 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-06 22:11 - 2017-01-06 22:11 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-06 22:11 - 2017-01-06 22:11 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-06 22:11 - 2017-01-06 22:11 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-17 13:52 - 2016-09-17 13:52 - 00216704 _____ () c:\program files (x86)\kuaizip\x86\kuaizipupdatechecker.dll
2016-12-31 18:01 - 2016-06-21 19:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-12-31 18:01 - 2016-06-21 19:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-12-31 18:01 - 2016-06-21 19:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-01-06 18:55 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2008-12-29 14:42 - 2008-12-29 14:42 - 00232960 _____ () C:\WINDOWS\SYSTEM32\WinTab32.DLL
2016-12-31 18:00 - 2016-08-18 18:43 - 00442144 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2016-12-31 18:00 - 2016-08-18 18:43 - 00210720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2016-12-31 18:00 - 2016-08-18 18:43 - 00059680 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2016-12-31 18:00 - 2016-11-01 10:11 - 00078624 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\GetProcessDLL.dll
2016-09-11 19:09 - 2016-09-11 19:10 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-09-11 19:09 - 2016-09-11 19:10 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-12-31 18:01 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2016-12-31 18:01 - 2016-09-26 13:59 - 00631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2014-11-28 10:20 - 2013-09-16 20:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-06-17 18:45 - 2015-06-17 18:46 - 00835584 _____ () C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
2015-06-17 18:45 - 2015-06-17 18:46 - 00093696 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
2015-06-17 18:45 - 2015-06-17 18:46 - 00094208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
2015-06-17 18:45 - 2015-06-17 18:46 - 00057344 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
2015-06-17 18:45 - 2015-06-17 18:46 - 00096256 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
2015-06-17 18:45 - 2015-06-17 18:46 - 00062976 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
2015-06-17 18:45 - 2015-06-17 18:46 - 00067072 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
2015-06-17 18:45 - 2015-06-17 18:46 - 00158208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
2015-06-17 18:45 - 2015-06-17 18:46 - 00312832 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
2015-06-17 18:45 - 2015-06-17 18:46 - 00038912 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
2015-06-17 18:45 - 2015-06-17 18:46 - 00073728 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
2015-06-17 18:45 - 2015-06-17 18:46 - 00101888 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0888F409 [236]
AlternateDataStreams: C:\ProgramData\Temp:66633281 [246]
AlternateDataStreams: C:\ProgramData\Temp:B1CD2545 [236]
AlternateDataStreams: C:\ProgramData\Temp:EEDA5B17 [121]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\100sexlinks.com -> 100sexlinks.com

There are 4790 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2946792676-692352388-3923824208-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2946792676-692352388-3923824208-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\greenhorn\Pictures\Tapety\Obrázky\025a.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: cz.seznam.software.autoupdate => "c:\users\greenhorn\appdata\roaming\seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "c:\users\greenhorn\appdata\roaming\seznam.cz\bin\wszndesktop.exe"  -q
MSCONFIG\startupreg: OneDrive => "c:\users\greenhorn\appdata\local\microsoft\onedrive\onedrive.exe" /background
MSCONFIG\startupreg: PhoneCompanion => c:\program files\lenovo phonecompanion\phone companion.exe
MSCONFIG\startupreg: seznam-listicka-distribuce => "c:\program files (x86)\seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
MSCONFIG\startupreg: Wondershare Helper Compact.exe => c:\program files (x86)\common files\wondershare\wondershare helper compact\wshelper.exe
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "PhoneCompanion"
HKLM\...\StartupApproved\Run: => "Lenovo Utility"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run32: => "snp2uvc"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2946792676-692352388-3923824208-1002\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{0A135898-C353-4405-BEFC-3320E7AE3C9B}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FFBB5D20-06DB-4D29-96F2-115E0A36354D}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{32FDEAEE-21B2-4C4B-8352-F7F943C01465}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{29C55A19-D072-43E8-BAE6-7F2EFB19E040}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6550BDD9-AA69-407E-92DC-58E4EA1571A3}] => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{4B2EFA2F-154C-4456-952E-D0DA62BC5AE8}] => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{419EFA07-25BB-493A-BD37-A2ED63FC020F}] => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{29A80537-022F-4ABA-B11B-D61CC11A793C}] => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{836274A7-0B93-4E37-9E57-BCA8C64C5702}] => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{2365816B-B33C-4060-B98B-C0EA33B8E393}] => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{21726177-DF84-45F1-9B95-6D85A4CABE7D}] => C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{5689C5D5-91E4-42CE-BE91-6440F2DAB019}] => C:\Program Files (x86)\Artisteer 4\bin\Artisteer.exe
FirewallRules: [{F23DEAAF-0B2E-44EB-909F-2D1661086207}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{4472D647-243E-451A-A4DB-E4647C56642D}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{B9E64802-B5F8-4455-8ADA-ACB0562C4E6B}] => C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{B4B16A42-E121-4741-A357-5CA86ED5671B}] => LPort=55100
FirewallRules: [{D5A46DD6-7CA1-4B6B-ADDB-811DF6F7C955}] => C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
FirewallRules: [{CA8043E8-A128-4BAF-9019-232C96F3A8B8}] => C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
FirewallRules: [{CB48356E-2E81-44F5-94DD-BB8F41211FCE}] => C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{0D61B856-2505-41BE-A805-79F7A849413E}] => C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{EC2C3779-03C7-4F2E-8D4D-2B10B4F47CF5}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{95A79369-77A8-4D91-98BA-009E46E2C9EE}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{2E259E6B-296E-42C6-9B55-F125FCBF5ACD}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{215E67B3-4920-42C7-AFF9-9B66C59E2621}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E664AE00-EC51-492C-97B5-5B9685D506C5}] => C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{DAF5D609-E7AC-48BA-BE68-D08E87A3DB54}] => C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{C59372DB-84A1-4218-B93A-8713CE1F03E0}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{EEDD0399-EE57-434E-A08C-E45D9940EB7A}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{A47FCE81-0F88-454B-871F-DE7159E91592}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{89C06C26-3511-4A46-B6F4-D3604942D3F0}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{67F5D1CF-8480-48A8-8F5C-ADF2EC631567}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{7E9069D3-5DFB-4E43-874E-D04E6C5118CC}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe

==================== Restore Points =========================

07-01-2017 06:08:19 Scheduled Checkpoint
07-01-2017 11:38:47 Driver Booster : Conexant SmartAudio HD
08-01-2017 16:42:31 Removed Pinnacle Studio 14.
08-01-2017 16:44:06 Removed Ovladače videa společnosti Pinnacle.
11-01-2017 18:45:50 Operace obnovení

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/12/2017 06:39:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.10586.672, časové razítko: 0x580ee8b2
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.306, časové razítko: 0x571af2eb
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007bbaa
ID chybujícího procesu: 0x220
Čas spuštění chybující aplikace: 0x01d26cface21b8b8
Cesta k chybující aplikaci: C:\WINDOWS\explorer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: eda56764-08d9-4411-bf6a-9f835e84449c
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2017 06:39:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.10586.672, časové razítko: 0x580ee8b2
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.306, časové razítko: 0x571af2eb
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007bbaa
ID chybujícího procesu: 0x9b8
Čas spuštění chybující aplikace: 0x01d26cfaca6a9e38
Cesta k chybující aplikaci: C:\WINDOWS\explorer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 565a3487-93a1-4a02-9de2-40b11c0c01c1
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2017 06:39:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.10586.672, časové razítko: 0x580ee8b2
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.306, časové razítko: 0x571af2eb
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007bbaa
ID chybujícího procesu: 0x1140
Čas spuštění chybující aplikace: 0x01d26cfac8d8baa2
Cesta k chybující aplikaci: C:\WINDOWS\explorer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 0545b6a5-ed35-410d-84f4-fb67203eb033
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2017 06:39:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.10586.672, časové razítko: 0x580ee8b2
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.306, časové razítko: 0x571af2eb
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007bbaa
ID chybujícího procesu: 0x21c0
Čas spuštění chybující aplikace: 0x01d26cfaaf0ac3c9
Cesta k chybující aplikaci: C:\WINDOWS\explorer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 28d8be84-2435-4149-b5fe-04e5022816f8
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2017 06:38:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.10586.672, časové razítko: 0x580ee8b2
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.306, časové razítko: 0x571af2eb
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007bbaa
ID chybujícího procesu: 0xbf8
Čas spuštění chybující aplikace: 0x01d26cfa24612ca3
Cesta k chybující aplikaci: C:\WINDOWS\explorer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 220f2a63-f1cc-420c-91b6-ede72ba4d2cb
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2017 06:34:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.10586.672, časové razítko: 0x580ee8b2
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.306, časové razítko: 0x571af2eb
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007bbaa
ID chybujícího procesu: 0x1a2c
Čas spuštění chybující aplikace: 0x01d26cfa08b49c4c
Cesta k chybující aplikaci: C:\WINDOWS\explorer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 0cb31b20-247b-477c-a60e-cf818aeb521c
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2017 06:33:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.10586.672, časové razítko: 0x580ee8b2
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.306, časové razítko: 0x571af2eb
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007bbaa
ID chybujícího procesu: 0x2f7c
Čas spuštění chybující aplikace: 0x01d26c4abb5e08d6
Cesta k chybující aplikaci: C:\WINDOWS\explorer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: e0803a3b-a48b-48f4-930c-1de7995a2051
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2017 05:17:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_MapsBroker, verze: 10.0.10586.0, časové razítko: 0x5632d7ba
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x8400000f
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0xee0
Čas spuštění chybující aplikace: 0x01d26cef56eda9ce
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: d4ecbba5-92c7-4b4a-920a-edfab5a1f5b5
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/11/2017 09:38:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.10586.672, časové razítko: 0x580ee8b2
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.306, časové razítko: 0x571af2eb
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007bbaa
ID chybujícího procesu: 0x1240
Čas spuštění chybující aplikace: 0x01d26c4a92b598da
Cesta k chybující aplikaci: C:\WINDOWS\explorer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 9d7e6480-43e4-4538-b8fb-8abf862385e0
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/11/2017 09:38:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmplayer.exe, verze: 12.0.10586.0, časové razítko: 0x5632d7d7
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.306, časové razítko: 0x571af2eb
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007bbaa
ID chybujícího procesu: 0x330
Čas spuštění chybující aplikace: 0x01d26c4a9a72cb5e
Cesta k chybující aplikaci: C:\Program Files\Windows Media Player\wmplayer.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 833cc8d9-686d-47a1-a4ce-7587269561d5
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (01/12/2017 05:17:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Správce stažených map byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (01/11/2017 09:22:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Ochrana softwaru přestala během spouštění reagovat.

Error: (01/11/2017 09:19:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service přestala během spouštění reagovat.

Error: (01/11/2017 09:18:23 PM) (Source: DCOM) (EventID: 10016) (User: hoskinson)
Description: Nastavení oprávnění machine-default neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli hoskinson\greenhorn (SID: S-1-5-21-2946792676-692352388-3923824208-1002) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/11/2017 09:18:23 PM) (Source: DCOM) (EventID: 10016) (User: hoskinson)
Description: Nastavení oprávnění machine-default neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli hoskinson\greenhorn (SID: S-1-5-21-2946792676-692352388-3923824208-1002) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/11/2017 09:18:23 PM) (Source: DCOM) (EventID: 10016) (User: hoskinson)
Description: Nastavení oprávnění machine-default neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli hoskinson\greenhorn (SID: S-1-5-21-2946792676-692352388-3923824208-1002) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/11/2017 09:18:23 PM) (Source: DCOM) (EventID: 10016) (User: hoskinson)
Description: Nastavení oprávnění machine-default neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli hoskinson\greenhorn (SID: S-1-5-21-2946792676-692352388-3923824208-1002) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/11/2017 09:18:23 PM) (Source: DCOM) (EventID: 10016) (User: hoskinson)
Description: Nastavení oprávnění machine-default neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli hoskinson\greenhorn (SID: S-1-5-21-2946792676-692352388-3923824208-1002) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/11/2017 09:18:23 PM) (Source: DCOM) (EventID: 10016) (User: hoskinson)
Description: Nastavení oprávnění machine-default neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli hoskinson\greenhorn (SID: S-1-5-21-2946792676-692352388-3923824208-1002) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/11/2017 09:18:23 PM) (Source: DCOM) (EventID: 10016) (User: hoskinson)
Description: Nastavení oprávnění machine-default neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli hoskinson\greenhorn (SID: S-1-5-21-2946792676-692352388-3923824208-1002) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
  Date: 2017-01-12 17:17:27.033
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-11 22:12:09.241
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-11 22:05:09.849
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-11 21:53:48.031
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-09 21:28:24.775
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-08 22:18:41.355
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-08 07:28:04.723
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-07 04:52:59.831
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-06 23:52:39.262
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-06 22:26:56.131
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 31%
Total physical RAM: 8084.27 MB
Available physical RAM: 5504.72 MB
Total Virtual: 16276.27 MB
Available Virtual: 13608.27 MB

==================== Drives ================================

