Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2017
Ran by Anna (19-11-2017 19:44:35)
Running from C:\Users\Anna\Desktop
Windows 10 Home Version 1703 15063.726 (X64) (2017-05-03 16:31:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2686369778-1409566017-2263283837-500 - Administrator - Disabled)
Anna (S-1-5-21-2686369778-1409566017-2263283837-1001 - Administrator - Enabled) => C:\Users\Anna
DefaultAccount (S-1-5-21-2686369778-1409566017-2263283837-503 - Limited - Disabled)
Guest (S-1-5-21-2686369778-1409566017-2263283837-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
AVI ReComp 1.5.5 (HKLM-x32\...\AVI ReComp) (Version: 1.5.5 - Mateusz Gola (aka Prozac))
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f4d8103-e601-4d48-b81d-d508d760aaba}) (Version: 17.0.3 - Intel Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1321.0_WHQL - Sonix)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.2004.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.2004.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2686369778-1409566017-2263283837-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 cs)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MPC-HC 1.7.10 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Prohlížeč Seznam.cz (HKU\S-1-5-21-2686369778-1409566017-2263283837-1001\...\Seznam Browser) (Version: 4.1.1 - Seznam.cz a.s.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Sweet Home 3D version 3.4 (HKLM-x32\...\Sweet Home 3D_is1) (Version:  - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.0 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VobSub 2.23 (HKLM-x32\...\VobSub) (Version: 2.23 - Gabest)
Windows Driver Package - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
XviD MPEG4 Video Codec (remove only) (HKLM-x32\...\XviD MPEG4 Video Codec) (Version:  - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2686369778-1409566017-2263283837-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-25] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-10-25] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0038825A-E0F6-48C1-A601-FD9CB49EB1EA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {039AE59A-08B6-453C-89F5-AC829FC61692} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {11B71828-0497-49B2-B51D-A2792A5D4EA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {18C38B17-4E40-46CD-8444-07AE824B7B43} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {1C50B33F-D700-4FDD-8646-1C359EDED57D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\38ba8f10-0c93-4894-83c8-5b6232f3042b => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited)
Task: {204B0438-61BB-4148-A737-89A9609F7E90} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2BEF3A7C-292A-407E-8614-4EA3502FE016} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)
Task: {33114AAB-980C-4D59-A564-392AF6642B33} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3CAB8D11-8AF7-4500-ACBD-779A362AC388} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3EEB98CF-FEEC-4A48-8BBB-CA29EA51480F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {44E87635-A1EF-40A5-80ED-A092EB505F91} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {4F0D3FE5-5EEA-46AF-B302-3A9059F26802} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5033058D-5F8A-4F4E-BB6E-8A7E532F9A95} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {50866422-6677-427E-8CB5-EBF50B20FCE4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ba427317-3d4e-4435-b042-e5727cb29f4a => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited)
Task: {6D9482D3-F1F0-440F-9540-93663A76D9A1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {86A17596-5651-4EC8-AD88-F2423410BEAC} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {88AC0B4D-3C7E-40F2-AA87-FB26DD6B33F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24] (Google Inc.)
Task: {88DB75D2-3258-4724-9893-3A587196F267} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9766ABC5-E56A-4F6D-8EC0-97FC0ADE6361} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {B29966F2-2997-4491-BC22-8E477CCD37B1} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-10-25] (Synaptics Incorporated)
Task: {B534E972-BFA3-4654-BF0F-6DD13F7F446D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {B623E97E-B296-4D2F-860E-86DC2A513A21} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {B98C0464-8A2D-4290-BE1E-3C08C1D76892} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C6CA30E9-55C7-474A-B164-17221AD8074D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CA01DFDE-6A60-4382-AA9D-EA5D50FE784E} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {DFBCC2DB-BCE2-406D-B892-4EC19E83024C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {E1C37A24-B741-4854-ABAB-F47530EEA4A3} - \WPD\SqmUpload_S-1-5-21-2686369778-1409566017-2263283837-1001 -> No File <==== ATTENTION
Task: {E5D7A582-40B5-48A2-BC2A-26D708A7A35A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\687eec6c-307b-42ff-8d50-7561fb934fd7 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited)
Task: {E663895F-A776-4F30-B88F-66D9C5625631} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {ED12A212-C7D6-47B3-8F39-4F7904795AB0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-11-19] (Microsoft Corporation)
Task: {F39E9839-0D06-4678-90D2-47DDE4958BE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {F7EAA025-A127-4E95-98EA-A77B4B90222E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24] (Google Inc.)
Task: {FC856C49-C7F9-4646-9A8F-DDAF9F2122A8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\386679f4-b226-4215-96c5-65250f92bf93 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited)
Task: {FDBDEA77-717F-48DF-B99A-893F8F5E32BA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-11-07 13:12 - 2012-04-24 11:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-19 03:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-11-07 12:25 - 2010-10-26 05:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-26 21:50 - 2014-11-07 13:25 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2017-11-12 13:35 - 2017-11-12 13:35 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-12 13:35 - 2017-11-12 13:35 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-10-18 17:19 - 2017-10-18 17:19 - 000086224 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-05-31 09:17 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-08-17 15:51 - 2017-08-17 15:51 - 001993184 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2016-10-15 07:55 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2686369778-1409566017-2263283837-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-2686369778-1409566017-2263283837-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_12C6C396F9F079F593189BD3E5EB8A5F"
HKU\S-1-5-21-2686369778-1409566017-2263283837-1001\...\StartupApproved\Run: => "GoogleDriveSync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{F748F24B-9D2C-40DD-9D7C-AD0B0FBF3DEF}C:\users\anna\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\anna\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{FCC6F0B2-60B2-4DEE-9C12-309C8271D665}C:\users\anna\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\anna\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{DBCAE017-F16F-4ADE-A5F0-C9D501DB6CEC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5989F4E5-3882-4FFA-B8FF-E7C2A8F493D8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0DCAE4F0-06E0-47BC-A144-558AE6C92B95}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CF501AA1-B14B-4594-A24B-B7DC9289D6CC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{27248879-D253-4210-BA1C-339A93A5F966}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C6CFC745-1F0B-4925-97A5-641AB4FF1D28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{74134184-D4F9-490E-B719-7FAE1C9D5876}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{30BBF573-6657-4D83-BD3A-39822D1ED037}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8E98E368-6CEE-4D54-A469-EACB6F4BFFE1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5D0F3373-056E-45C3-A5B2-A3983E53609E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{445BB9BE-D6B3-459D-9D42-44BEE02985B4}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{52364E4D-660F-452D-9632-0F32BB52B308}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{DED6E6BA-657C-493B-B046-E1C106612AB4}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{F5C4E9DE-0DD3-4887-B084-03B798AA83CF}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{2902F38B-67EA-42AD-9BCF-586A9CE6682A}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{5F040A3F-34B2-4CA1-8789-C4CD00049D49}] => (Allow) LPort=55100
FirewallRules: [{FAF8692E-CC1A-40EB-A4C9-38600EC1398E}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{DCF99754-8C50-4C0E-88FC-1660AB5A8FE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1302E371-6215-4709-B1D2-A90CF3063F0C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EB3E2824-1287-4363-ABB0-4CEEAA71773A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CE7F4698-7E20-49FE-8FCA-78DD3A209DE1}] => (Allow) LPort=2869
FirewallRules: [{95A0FE0B-881E-4A58-8EEF-230ED30F0197}] => (Allow) LPort=1900
FirewallRules: [{5244DCF4-1C50-41EB-AB2F-3A5556FC70F4}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{E921C6D3-0C70-43CE-9836-57CF22ADBF98}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

28-10-2017 18:09:41 Scheduled Checkpoint
06-11-2017 19:03:50 Scheduled Checkpoint
15-11-2017 20:36:34 Windows Update
15-11-2017 20:38:23 Windows Update
19-11-2017 12:58:19 Windows Update

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/19/2017 01:59:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.15063.483, časové razítko: 0x88a53c1d
Kód výjimky: 0xc000041d
Posun chyby: 0x00005836
ID chybujícího procesu: 0xc54
Čas spuštění chybující aplikace: 0x01d36130a8adbd66
Cesta k chybující aplikaci: C:\Users\Anna\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 6074f24e-a99a-4e70-a5bb-b3b85b226b4f
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/19/2017 01:02:47 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (5584) Pokus o otevření souboru C:\Users\Anna\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (11/19/2017 12:51:30 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (11/19/2017 12:51:30 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (11/19/2017 12:51:30 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (11/19/2017 12:51:30 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (11/19/2017 12:51:30 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (11/19/2017 12:51:30 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (11/19/2017 12:50:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MŮJ-PC)
Description: Aplikaci Microsoft.WindowsStore_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/19/2017 12:50:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MŮJ-PC)
Description: Aplikaci Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2147023174. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (11/19/2017 07:35:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Security Center byla ukončena s následující chybou: 
%%16389

Error: (11/19/2017 07:32:39 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/19/2017 12:57:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Security Center byla ukončena s následující chybou: 
%%16389

Error: (11/19/2017 12:55:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba HomeGroup Provider závisí na službě Function Discovery Resource Publication, která neuspěla při spuštění v důsledku následující chyby: 
Při spouštění služba uvízla ve spouštěcím stavu.

Error: (11/19/2017 12:55:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Function Discovery Resource Publication přestala během spouštění reagovat.

Error: (11/19/2017 12:55:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Function Discovery Resource Publication přestala během spouštění reagovat.

Error: (11/19/2017 12:55:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/19/2017 12:51:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby: 
Požadavek není podporován.

Error: (11/19/2017 12:50:38 PM) (Source: DCOM) (EventID: 10010) (User: MŮJ-PC)
Description: Server Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe!App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/19/2017 12:34:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo PhoneCompanionVap Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 46%
Total physical RAM: 3979.21 MB
Available physical RAM: 2126.87 MB
Total Virtual: 5579.21 MB
Available Virtual: 3602.21 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:425.14 GB) (Free:298.35 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 60CAF301)

Partition: GPT.

==================== End of Addition.txt ============================