Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by lenovo (18-05-2017 07:03:12)
Running from C:\Users\lenovo\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-22 20:41:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1139293016-3686136104-1418621097-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1139293016-3686136104-1418621097-503 - Limited - Disabled)
Guest (S-1-5-21-1139293016-3686136104-1418621097-501 - Limited - Disabled)
lenovo (S-1-5-21-1139293016-3686136104-1418621097-1001 - Administrator - Enabled) => C:\Users\lenovo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.4.0.1227 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandicam.com)
Call Of Duty 4 Modern Warfare (HKLM-x32\...\Call Of Duty 4 Modern Warfare_is1) (Version: 1.7 - Activision Blizzard)
Call Of Duty Modern Warfare 2 verze 1.2 CZ (HKLM-x32\...\{318EAFB5-2019-4A09-811D-33A45A4E71D5}_is1) (Version: 1.2 CZ - tomi2k9)
Camtasia 9 (HKLM-x32\...\{357abfe9-0513-4326-9e53-3b7654e9819d}) (Version: 9.0.0.1306 - TechSmith Corporation)
Camtasia 9 (Version: 9.0.0.1306 - TechSmith Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Components (x32 Version: 1.0.023.00 - Lenovo) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
FormApps Signing Extension (HKLM-x32\...\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}) (Version: 2.8.2.28 - Software602 a.s.)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
ISSENEWClient 8.02 - Firefox 6.0.1 (HKLM-x32\...\{7F55769E-39A9-4D48-8018-42865B6244CC}_is1) (Version:  - AURA, s.r.o.)
KOPLAYER Pro version: 1.4.1049 (HKLM\...\KOPLAYER_is1) (Version:  - KOPLAYER Team)
Lenovo Business Vantage (HKLM-x32\...\{BAAE4B9C-8D26-44AF-BCE8-181C8F4A8D5B}_is1) (Version: 3.0.2.3 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo PowerDVD12 (x32 Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Smart Fingerprint (HKLM-x32\...\{90C700B4-BC7E-4628-867C-FC8622F0DAD9}_is1) (Version: 1.0.0.44 - Lenovo)
Lenovo Solution Center (HKLM\...\{F925868A-2F2C-414B-A5A7-C613039CE9E4}) (Version: 3.1.001.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.076.00 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Language Pack 2013  - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29088 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.289.0 - )
Synaptics WBF DDK 5011 (HKLM\...\{9062E143-DEDB-4F8C-B5B8-30AEC328400C}) (Version: 4.5.289.0 - Synaptics)
Update for Skype for Business 2015 (KB3191873) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{99A93261-8F42-4F98-A5B3-2706C8113A8E}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3191873) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0E943AAB-F229-4B5D-B0FA-F46A66B4EE95}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3191876) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{63B92B9B-BAA1-4708-BB4B-216BB5FD6322}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3191876) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{63B92B9B-BAA1-4708-BB4B-216BB5FD6322}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3191876) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{63B92B9B-BAA1-4708-BB4B-216BB5FD6322}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3191876) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{63B92B9B-BAA1-4708-BB4B-216BB5FD6322}) (Version:  - Microsoft)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
User Manuals (x32 Version: 4.0.0.1 - Lenovo) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {027273B0-F409-4F38-8026-F37BD36844B3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-07] (Lenovo)
Task: {1998B19C-F8B2-4059-A137-E6648C58F312} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {19D4B9B5-9331-4A40-82C2-E896EEBAB9FA} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-07] (Lenovo)
Task: {19DB8C1D-C9F7-4ED9-BAFF-B94B82DC95B5} - System32\Tasks\Lenovo\fplmonitor => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [2015-07-10] (Lenovo)
Task: {1DF12C8C-41C6-4E9D-9B29-ED48FDA9ECE6} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {3110BE80-7383-404E-9542-FFE133853F28} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c86e190c-2c80-4b77-bc76-774c736898f2 => c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {5773DCC1-E3AA-4632-B978-C84A3FA8D766} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [2017-04-15] (Adobe Systems Incorporated)
Task: {59ACB64C-B780-4F05-B60C-8F3EFC982A16} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {87D4EFD3-7A83-4D7F-976D-9609726ED219} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-05-17] (AVAST Software)
Task: {901C9858-5E17-46F6-8323-66F4DF6C2ADD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5a215b73-8a3d-414f-9d2c-0f57088c91ff => c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {9A94C1FE-C186-4F10-89C2-72F220A1849A} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-07] ()
Task: {A004C640-A732-42F2-B88C-E88C773F8A42} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-17] (AVAST Software)
Task: {A03EBB9F-F324-4499-9AC7-B820DD9A670E} - System32\Tasks\Atbuphplapuing Manager => C:\Program Files (x86)\Choqoght\perfich.exe 
Task: {AA90D641-1BA3-413F-98DC-A26E2B4D638A} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {B5FB468B-060B-4BC5-9F64-1AA71240F5DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B6379A2C-73A6-4460-80BE-7EE37F031A45} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ab527298-088c-4a04-a4e2-3d42f9c6f340 => c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {B85675CA-5707-4796-AAB2-0A94F471EB4B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {BCBE387C-4CC2-4FBD-90F5-A0C92FEF5A0C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {C2B5E4EE-33EA-4009-9417-01AA2C92D557} - System32\Tasks\DolbySelectorTask => %ProgramFiles%\Dolby Digital Plus\ddp.exe 
Task: {C3FCF0CA-8388-46EF-9E9A-2225A53BD7F8} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-28] (CyberLink Corp.)
Task: {CD6BD454-93BF-4439-8C65-B53E26E72A2F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {D8C29BF6-005B-4C9F-9D56-9D59E3A92651} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E06F6408-992B-481B-B76B-FC24EB4738D6} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-05-25] (Lenovo)
Task: {E199AF4F-AE66-41EE-B5AA-EB3297320309} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {E3691F10-2C23-4110-9BCA-A476B1BBBEB9} - System32\Tasks\SafeZone scheduled Autoupdate 1495043596 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {E82A3D4C-3A48-4781-85D2-4A9FC692E010} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-07] ()
Task: {F6914DF9-FD89-4D13-B52D-4DFDE7F513A1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-10 04:55 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 04:55 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-08-24 05:23 - 2015-08-19 16:41 - 00395880 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-15 17:29 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 12:32 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-17 12:32 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 12:32 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 12:32 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 04:55 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 04:55 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-16 11:45 - 2015-09-16 11:45 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-09-16 11:45 - 2015-09-16 11:45 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2017-04-11 00:57 - 2017-04-11 00:57 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-05-17 19:47 - 2017-05-17 19:47 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-17 19:48 - 2017-05-17 19:48 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-17 19:48 - 2017-05-17 19:48 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-17 19:47 - 2017-05-17 19:47 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-17 19:47 - 2017-05-17 19:47 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-17 19:46 - 2017-05-17 19:46 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2017-05-17 18:24 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1139293016-3686136104-1418621097-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AC1BD9AA-25EB-43DD-8C3B-2AB3557FE306}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BF2DB6BD-41BA-47DE-893E-7AA4DB0237F4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{63B565C4-9829-40FC-9811-D49BF02FF43F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{16EDBE02-BEB0-4733-B9AE-20140F8D8EC7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D65492A7-F360-4381-A959-CA5E2FF3DA6B}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{81C922BF-BFB4-4672-8E6B-18FADECB522E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{4641C68F-EDDF-4B56-8623-212C2B335378}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{43531D57-03C6-4235-8820-907F6C7CE871}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{78FA98E8-5545-4F1F-B984-3D2B9C591210}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FA0AB3F1-99E9-46F6-A4E8-7FD724177A4C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6E9CB27E-52A7-44DE-BC00-CCFFF0451FA8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9C1057F7-0F84-4549-B3F2-7A07702995C3}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [TCP Query User{AE1CCA87-819E-44DE-A7C5-AD6BC712EFD9}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{4827AD80-3C3F-470A-998D-157153BB1239}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{40CC0D08-07DE-4296-87C0-521197AD4458}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe
FirewallRules: [{468044DD-0E38-40E0-B771-E99592910CDB}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe
FirewallRules: [{E1228F66-03CF-4110-BCBE-2081CD3A2398}] => (Allow) D:\KOPLAYER\download\MiniThunderPlatform.exe
FirewallRules: [{E04B89BC-4297-493C-8E47-01077964CEB0}] => (Allow) D:\KOPLAYER\download\MiniThunderPlatform.exe
FirewallRules: [{7F5FDC4F-6502-45A7-8EFA-BCD9EE79F639}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe
FirewallRules: [{86A2D89D-1203-4347-83DF-42199AB0A417}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe
FirewallRules: [{D822028E-10AF-4807-BB46-AE4070C796B9}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe
FirewallRules: [{843EF7A9-9EA9-4868-9C01-E2D16E1F347E}] => (Allow) D:\KOPLAYER\vbox\VBoxManage.exe
FirewallRules: [{E9633208-6BE9-4AD8-B8DD-4344AAAA0093}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe
FirewallRules: [{9A8344BF-8EB2-429B-A7AF-06561BF33AC7}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe
FirewallRules: [{5203305D-5BB9-4C05-ACE2-4D2DC5C11620}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe
FirewallRules: [{011FB4C1-FFF3-4CFF-8819-C0FEED8E1207}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe
FirewallRules: [{53AA693B-68F9-42C6-A8BD-83451ABB3103}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe
FirewallRules: [{A8D9CE77-278C-40C6-A58F-BC82E8FBA7C7}] => (Allow) D:\KOPLAYER\vbox\VBoxHeadless.exe
FirewallRules: [{BB1EC0EB-C30F-4ECD-9907-127E3DB84AB3}] => (Allow) LPort=8318
FirewallRules: [{3F5E6C69-41B1-48F9-814A-03A879441375}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3B61F93A-8323-4B44-8696-BCCB06ADB0FE}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd5000lpcx-24c6ht0_wd-wx51a65c55lpc55lp.dat
FirewallRules: [{710E3CAC-CC82-433D-9350-510D563C0672}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd5000lpcx-24c6ht0_wd-wx51a65c55lpc55lp.dat
FirewallRules: [{F986907E-BA35-4770-9535-B90E583EADE2}] => (Allow) C:\Program Files (x86)\Canrain\Application\chrome.exe
FirewallRules: [{E6547A9B-5A5D-42F8-9750-B294B8AB64B0}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{7A43B53F-7364-4F15-98C1-0C0016BA0CCD}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe
FirewallRules: [{9D1709E7-905B-4D6C-AA98-146B7DBC1B80}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe

==================== Restore Points =========================

14-05-2017 11:34:08 Naplánovaný kontrolní bod
14-05-2017 19:34:19 JRT Pre-Junkware Removal
17-05-2017 20:20:38 Removed Avira Software Updater

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/17/2017 08:44:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LAPTOP-RGJV2R1O)
Description: Balíček Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (05/17/2017 08:21:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (05/17/2017 08:14:29 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (05/17/2017 08:14:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (05/17/2017 07:54:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (05/17/2017 07:50:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll se nezdařilo.
Závislé sestavení Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/17/2017 07:50:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll se nezdařilo.
Závislé sestavení Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/17/2017 07:43:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
   Spouštění asynchronní operace

Kontext:
   Aktuální stav: DoSnapshotSet

Error: (05/17/2017 07:40:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (05/17/2017 07:27:41 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (05/18/2017 06:59:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou: 
Nespecifikovaná chyba

Error: (05/18/2017 06:57:26 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/18/2017 06:56:39 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (6:52:52, ‎18.‎05.‎2017) bylo neočekávané.

Error: (05/17/2017 09:58:51 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RGJV2R1O)
Description: Server {0002DF02-0000-0000-C000-000000000046} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/17/2017 09:58:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/17/2017 09:31:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou: 
Nesprávná funkce.

Error: (05/17/2017 09:07:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/17/2017 08:16:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou: 
Nespecifikovaná chyba

Error: (05/17/2017 08:14:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 a APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/17/2017 08:11:00 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-RGJV2R1O)
Description: Server {0002DF02-0000-0000-C000-000000000046} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================
  Date: 2017-05-15 19:11:51.500
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-14 11:53:12.716
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-14 11:18:01.903
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-12 02:47:52.978
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-11 06:49:25.486
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-11 06:49:25.468
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-11 06:49:25.453
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-10 21:53:03.449
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-10 05:52:37.993
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-09 21:51:20.235
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU 3825U @ 1.90GHz
Percentage of memory in use: 46%
Total physical RAM: 4009.84 MB
Available physical RAM: 2139 MB
Total Virtual: 11177.84 MB
Available Virtual: 9406.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:417.05 GB) (Free:211.96 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:19.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4C51C248)

Partition: GPT.

==================== End of Addition.txt ============================