Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2017
Ran by KD (05-03-2017 15:45:25)
Running from C:\Users\KD\Desktop
Windows 10 Home Version 1607 (X64) (2017-03-04 14:30:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1331337826-2809015374-3754228717-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1331337826-2809015374-3754228717-503 - Limited - Disabled)
Guest (S-1-5-21-1331337826-2809015374-3754228717-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1331337826-2809015374-3754228717-1005 - Limited - Enabled)
KD (S-1-5-21-1331337826-2809015374-3754228717-1001 - Administrator - Enabled) => C:\Users\KD

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus a Antispyware (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus a Antispyware (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Ahoj Benátky 1.1a (HKLM-x32\...\{1.1a Ahoj Benatky 1.1a}_is1) (Version:  - Špidla Data Processing, s.r.o.)
Bezhlavý jezdec - legenda ze Sleepy Hollow - Sběratelská edice v1.0 (HKLM-x32\...\{Bezhlavy jezdec - legenda ze Sleepy Hollow - Sb~AC45662D_is1) (Version:  - Špidla Data Processing, s.r.o.)
Běžící ovce: Malé světy (HKU\S-1-5-21-1331337826-2809015374-3754228717-1001\...\Běžící ovce: Malé světy) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version:  - Canon Inc.)
Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.0 - Conexant)
Cradle Of Rome (HKU\S-1-5-21-1331337826-2809015374-3754228717-1001\...\Cradle Of Rome) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Černý kocour - Sběratelská edice v1.1 (HKLM-x32\...\{Cerny kocour - Sberatelska edice}_is1) (Version:  - Špidla Data Processing, s.r.o.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.11 - Lenovo)
Energy Management (x32 Version: 8.0.2.11 - Lenovo) Hidden
Farm Frenzy 3: Madagascar (HKLM-x32\...\Farm Frenzy 3: Madagascar) (Version:  - Alawar Entertainment Inc.)
Farm Frenzy 3: Ruská ruleta (HKU\S-1-5-21-1331337826-2809015374-3754228717-1001\...\Farm Frenzy 3: Ruská ruleta) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Farm Frenzy 4 (HKLM-x32\...\Farm Frenzy 4) (Version:  - Alawar Entertainment Inc.)
Farm Frenzy: Antický Řím (HKLM-x32\...\Farm Frenzy: Antický Řím) (Version:  - Alawar Entertainment Inc.)
Filipova dobrodružství - Na stopě rodinným pokladům 1.0 (HKLM-x32\...\{Filipova dobrodruzstvi - Na stope rodinnym pokladum}_is1) (Version:  - Špidla Data Processing, s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Katy a Bob: Návrat domů (HKU\S-1-5-21-1331337826-2809015374-3754228717-1001\...\Katy a Bob: Návrat domů) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10230 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1331337826-2809015374-3754228717-1001\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lenovo Solution Center (HKLM\...\{F02F4A8B-1A5F-45B8-9B74-AAF21A2B1BCC}) (Version: 2.1.002.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0042 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.228 - McAfee, Inc.)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1331337826-2809015374-3754228717-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 cs)) (Version: 51.0.1 - Mozilla)
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Puzzle Deluxe 1.1a (HKLM-x32\...\{1.1a Puzzle Deluxe}_is1) (Version:  - Špidla Data Processing, s.r.o.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31231 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MG5500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5500 series) (Version:  - ‭Canon Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Světový pohár v mahjongu (HKU\S-1-5-21-1331337826-2809015374-3754228717-1001\...\Světový pohár v mahjongu) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Záchranný tým 2 (HKLM-x32\...\Záchranný tým 2) (Version:  - Alawar Entertainment Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1331337826-2809015374-3754228717-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {070BB25B-D75C-45A2-AA32-D6D4E129B3E5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0B20F194-12FA-48AB-85DA-B38F7F5E9719} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-12-10] ()
Task: {14160C36-E29C-4D9E-BE17-14B02D4C1C76} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {17AEEABC-DAE2-48EC-9613-11FA70FF819F} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-16] ()
Task: {19D2DEBB-6D7B-4ABE-AFF5-2FD8D3453B0C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {1C586CE9-F9DB-4E6A-9021-3060A6A1D7F8} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1331337826-2809015374-3754228717-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\KD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {222F181D-630C-47FC-855C-278B2396A8D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-20] (Google Inc.)
Task: {22DB56D6-6432-44F2-ADD2-BCFA38F66099} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {253F879B-272D-49AE-B631-783F43C361EE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {297D1CB0-9E05-46D5-B76F-4CD9FA65A57F} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-12-10] ()
Task: {31CF75A4-60E4-48B6-8D3D-4DD2B16D1010} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14] (Adobe Systems Incorporated)
Task: {345677AD-62DC-4860-9A55-15068BA8A850} - \DriverPack Notifier -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {3F521F16-8A99-43C6-8D5D-02C4301CBEAE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {57F23698-B8C3-44DC-95E0-CD156E976A25} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-12-15] (McAfee, Inc.)
Task: {6B94ABB1-F8DD-4AF8-8BB9-4C6752B3E293} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {70B2C551-7630-49EC-A5CD-49AD96DC6B40} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {8CE79698-314C-4A51-9911-86A2D0894C28} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8EAE8A73-BB1C-42DA-B6F1-0229794DFD8B} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-08] (McAfee, Inc.)
Task: {8EF47F77-7787-41E1-B15A-FDC295736436} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-16] (Lenovo)
Task: {A7A8595F-EE3D-4AF0-8BBB-3B3B833E52DC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B4FB6212-2DC1-4BB6-A78F-BEC7DD885101} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {C045A513-1C57-4D75-B8E5-A40FF014BBEE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CDC473B4-E456-4A60-9BDA-F4D93044D659} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-08] (McAfee, Inc.)
Task: {CDFF0C3E-29D2-41ED-A5F8-6190A7B5FCED} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {CEB9FBB0-654D-4F8C-84C8-EC690EF93C60} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {D15B0D5A-C2C4-410C-8644-F9C4703AE3BC} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {D7F6E2B7-452E-4A36-BEF2-1235EFE3A4C2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DA7D7410-9D5A-4500-96DE-F254EBF9E90D} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {DDFB0A7F-117D-4F3A-910A-A385EC1717C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-20] (Google Inc.)
Task: {E8EC2949-237F-46ED-A899-075574AAB39B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-16] (Lenovo)
Task: {EC36263C-A403-45F7-BEE1-257FDA7DEB32} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {F16E54E4-C25B-4DCA-B7DF-8A2667032EE8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F39A6E81-9804-436B-B517-03B866C86FDA} - System32\Tasks\Opera scheduled Autoupdate 1466255678 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {F3D13504-E9A2-4720-82FA-4720B296D253} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-04 14:40 - 2017-03-04 14:40 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-11-22 10:15 - 2016-12-15 11:37 - 00020208 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2017-03-04 14:40 - 2017-03-04 14:40 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-21 05:05 - 2016-11-21 05:05 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-04 14:40 - 2017-03-04 14:40 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-04 14:40 - 2017-03-04 14:40 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-04 14:40 - 2017-03-04 14:40 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-04 14:40 - 2017-03-04 14:40 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-04 14:40 - 2017-03-04 14:40 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-04 14:40 - 2017-03-04 14:40 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-04 09:57 - 2016-12-10 08:23 - 00023416 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2017-03-05 12:57 - 2017-03-05 12:59 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-05 12:57 - 2017-03-05 12:59 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-05 12:57 - 2017-03-05 12:59 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-05 12:56 - 2017-03-05 12:59 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2017-02-08 14:57 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-08 14:57 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2013-08-18 02:45 - 2012-07-18 14:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2017-03-04 11:15 - 00000850 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1331337826-2809015374-3754228717-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 77.236.129.130 - 88.86.107.235
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C28450E1-0DDA-4097-9D01-030DEE640515}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8E10B2BC-8FCD-4464-85DD-BE44F5B961EE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C6556E9B-0F82-4FF5-A3AC-C86A0E47BC9C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CAB01B15-28AE-49B7-9507-5504A0374092}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{279AF9F8-2CDA-4CA0-B4EA-227438DF6FC1}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{68A81D04-9DB9-40BC-91A0-BD274B6BBC84}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{F8AC4AF1-8BF7-4231-89C9-D3A18597FD12}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{A6946761-AB2B-4515-8287-536BF08928AF}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe
FirewallRules: [{A8EEF536-C7BB-4A70-966C-F022C78353B9}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
FirewallRules: [{AB772CEE-C911-4CFC-989A-2BA905FA3A54}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D25375C8-3826-4FE1-9C69-052B41F7F243}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C6E0EA0C-DC57-461B-8BBD-6D845CDBD9DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63AB83B2-7B15-4292-AC22-694BE3132EB8}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{FA379BF0-5B2A-48D0-A3BB-259C2FC18805}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{FB51A00B-08DB-40FE-8C43-D9A604526AE8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7A152D03-32C5-4AA6-80E3-A8B50B31B02E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2017 03:43:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/05/2017 12:17:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Microsoft.WindowsMaps_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/05/2017 12:12:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Microsoft.WindowsMaps_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/05/2017 12:01:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Microsoft.WindowsMaps_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/05/2017 11:46:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Microsoft.WindowsMaps_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/04/2017 08:31:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Microsoft.WindowsMaps_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/04/2017 08:31:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Microsoft.WindowsMaps_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/04/2017 08:26:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Microsoft.WindowsMaps_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/04/2017 08:17:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: idea-PC)
Description: Aplikaci Microsoft.WindowsMaps_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/04/2017 03:18:37 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí wsp_sr se pokusil zaregistrovat dotaz select * from WSP_ReplicationGroupModificationEvent, jehož cílová třída WSP_ReplicationGroupModificationEvent v oboru názvů //./ROOT/Microsoft/Windows/Storage/providers_v2 neexistuje. Dotaz bude ignorován.


System errors:
=============
Error: (03/05/2017 03:44:39 PM) (Source: DCOM) (EventID: 10016) (User: idea-PC)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli idea-PC\KD (SID: S-1-5-21-1331337826-2809015374-3754228717-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/05/2017 03:41:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/05/2017 03:41:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/05/2017 03:41:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/05/2017 03:41:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (03/05/2017 03:40:55 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (03/05/2017 03:40:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/05/2017 03:31:17 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: idea-PC)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1331337826-2809015374-3754228717-1001-0-ntuser.dat

Error: (03/05/2017 03:31:10 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: idea-PC)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1331337826-2809015374-3754228717-1001-0-ntuser.dat

Error: (03/05/2017 03:28:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 53%
Total physical RAM: 3961.77 MB
Available physical RAM: 1828.7 MB
Total Virtual: 5369.77 MB
Available Virtual: 2776.42 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:423.57 GB) (Free:367.28 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2511E7B3)

Partition: GPT.

==================== End of Addition.txt ============================