Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13.01.2018 01
Ran by stopi (14-01-2018 13:00:18)
Running from C:\Users\stopi\Desktop
Windows 10 Home Version 1709 16299.192 (X64) (2017-12-04 13:14:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1104765351-4159224750-1873705849-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1104765351-4159224750-1873705849-503 - Limited - Disabled)
Guest (S-1-5-21-1104765351-4159224750-1873705849-501 - Limited - Disabled)
stopi (S-1-5-21-1104765351-4159224750-1873705849-1001 - Administrator - Enabled) => C:\Users\stopi
WDAGUtilityAccount (S-1-5-21-1104765351-4159224750-1873705849-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Autodesk DWG TrueView 2017 - English (HKLM\...\DWG TrueView 2017 - English) (Version: 21.0.52.0 - Autodesk)
Callida euroCALC 3 - Lokální instalace (HKLM-x32\...\euroCALC 3 - Local_is1) (Version: euroCALC 3 - Lokální instalace - )
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.0 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.259.0 - Conexant Systems)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
DWG TrueView 2017 - English (HKLM\...\{28B89EEF-0028-0409-0100-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
EPSON L565 Series Printer Uninstall (HKLM\...\EPSON L565 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP Officejet Pro 8000 Enterprise A811a (HKLM-x32\...\{BEFD3C9F-FEDB-47e6-8572-8095E1B7296E}) (Version:  - Hewlett-Packard)
I.CA Maintenance (HKLM-x32\...\{29BC7C1E-3AEC-47AB-B820-FC16D759F1B3}) (Version: 1.3.0.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.0.0) (Version: 1.3.0.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{E2617EC2-35E0-414C-942B-9020B80B6EDF}) (Version: 1.1.0.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.1.0.0) (Version: 1.1.0.0 - První certifikační autorita, a.s.)
I.CA SecureStore 2.38.4 (HKLM\...\{8EC27CA6-E4CD-40BB-AC61-FCD651D13747}) (Version: 2.38.4 - První certifikační autorita, a.s.)
Integrated Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10240.11138 - Realtek Semiconductor Corp.)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.4.135.1 - Intel Security)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4568 - Intel Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
LibreOffice 5.1.3.2 (HKLM-x32\...\{5F7475A1-6240-4753-BE3E-61499621EC42}) (Version: 5.1.3.2 - The Document Foundation)
McAfee Safe Connect (HKLM-x32\...\{F210DAEC-9E43-467E-87E8-B02DA469CFFC}) (Version: 1.4.1.150 - McAfee, Inc)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.599.11 - McAfee, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-1104765351-4159224750-1873705849-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 57.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 57.0.4 (x64 cs)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
Mozilla Thunderbird 52.5.2 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.5.2 (x86 cs)) (Version: 52.5.2 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Sentinel System Driver Installer 7.5.8 (HKLM-x32\...\{75BC36E7-AC24-4F35-8AE0-B5885F887744}) (Version: 7.5.8 - SafeNet, Inc.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.89975 - TeamViewer)
ThinkPad UltraNav Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.216.1616.137 - ALPS ELECTRIC CO., LTD.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-07] (Autodesk)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2017-09-25] (AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2017-09-25] (AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2017-09-25] (AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-17] (Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2017-09-25] (AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18832BF7-3549-4069-9865-9DA5F9894696} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1E1F4E33-37BD-4A3C-8CC2-943203D6BEC9} - System32\Tasks\EPSON L565 Series Update {B710552D-617D-46BD-B124-E25D8E0F1173} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {5111462E-4EB8-4A59-8526-BF158BF24FD9} - System32\Tasks\EPSON L565 Series Update {A9145F59-F329-4978-BE3F-C9437CF0196E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {6801D0E9-6A1A-4B3A-BB5D-772B6BFC2C07} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {71C99BC1-646D-4E38-9D88-0FD6D2874A0C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-22] (Google Inc.)
Task: {79747134-990A-40E4-B660-76AB5665129B} - System32\Tasks\EPSON L565 Series Update {C2C8E717-A4B2-41E9-9190-A8324034F7B9} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {802A8F9A-7F35-4988-895A-8F5A70C48E46} - System32\Tasks\RtsCM => C:\WINDOWS\RtsCM64.exe [2015-12-11] (Realtek Semiconductor Corp.)
Task: {A576AFB3-E91E-4EE4-BCD7-BFBFFF551C98} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {CE28485B-34D3-4421-B833-A4EF1651D862} - System32\Tasks\EPSON L565 Series Update {92216B3B-8188-4371-9CE8-334A98BE9AB1} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {F9A21D8B-EC1C-4AB0-97B0-57A18F11CF5B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-11] (Adobe Systems Incorporated)
Task: {FBE2853C-8809-4204-BD4D-4A35403E5DF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-22] (Google Inc.)
Task: {FF6BFD39-E8DD-48B0-B523-2E85AD02C67D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-11] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON L565 Series Update {92216B3B-8188-4371-9CE8-334A98BE9AB1}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMPE.EXE:/EXE:{92216B3B-8188-4371-9CE8-334A98BE9AB1} /F:UpdateWORKGROUP\DESKTOP-PABLMPI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L565 Series Update {A9145F59-F329-4978-BE3F-C9437CF0196E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMPE.EXE:/EXE:{A9145F59-F329-4978-BE3F-C9437CF0196E} /F:UpdateWORKGROUP\DESKTOP-PABLMPI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L565 Series Update {B710552D-617D-46BD-B124-E25D8E0F1173}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMPE.EXE:/EXE:{B710552D-617D-46BD-B124-E25D8E0F1173} /F:UpdateWORKGROUP\WIN-VKQTRFEOUL6$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L565 Series Update {C2C8E717-A4B2-41E9-9190-A8324034F7B9}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMPE.EXE:/EXE:{C2C8E717-A4B2-41E9-9190-A8324034F7B9} /F:UpdateWORKGROUP\DESKTOP-PABLMPI$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-06-13 16:06 - 2016-06-13 16:06 - 000214640 _____ () c:\windows\system32\SecureStoreCsp.dll
2016-06-13 13:53 - 2016-06-13 13:53 - 000457216 _____ () c:\windows\system32\SecureStoreCspRes.dll
2017-02-17 08:27 - 2017-02-17 08:27 - 000401864 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-12-13 15:10 - 2017-11-26 13:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-13 15:10 - 2017-11-26 13:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-04 07:13 - 2018-01-04 07:13 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-04 07:13 - 2018-01-04 07:13 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-04 07:13 - 2018-01-04 07:13 - 024670720 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-04 07:13 - 2018-01-04 07:13 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-04 07:13 - 2018-01-04 07:13 - 000667648 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-01-09 07:36 - 2018-01-09 07:36 - 004698840 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.11.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-14 08:57 - 2017-12-14 08:58 - 000477184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-12-14 08:57 - 2017-12-14 08:57 - 058590720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 05:02 - 2017-10-05 05:04 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-11-11 11:31 - 2017-11-11 11:32 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-10-05 05:02 - 2017-10-05 05:03 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-12-14 08:57 - 2017-12-14 08:57 - 003727360 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-12-14 08:57 - 2017-12-14 08:58 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-12-14 08:57 - 2017-12-14 08:58 - 016395264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-12-14 08:57 - 2017-12-14 08:57 - 003579904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-12-14 08:57 - 2017-12-14 08:57 - 003204096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-08-29 07:55 - 2017-08-29 07:55 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-14 08:57 - 2017-12-14 08:58 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-12-14 08:57 - 2017-12-14 08:57 - 004038144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-12-14 08:57 - 2017-12-14 08:58 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-12-28 08:45 - 2017-12-28 08:45 - 026507776 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-12-28 08:45 - 2017-12-28 08:45 - 008370176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 06:11 - 2017-09-26 06:11 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-09-25 09:36 - 2017-09-25 09:36 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\kpcengine.2.3.dll
2017-12-06 08:29 - 2017-12-06 08:29 - 000102088 _____ () C:\Users\stopi\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\fbpplpmc.sys:changelist [370]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gyrprquq.sys:changelist [374]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibcfbzih.sys:changelist [372]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\irulhxvz.sys:changelist [750]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nknemxqt.sys:changelist [374]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nyeytksx.sys:changelist [754]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nyzdycgq.sys:changelist [376]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\snlojgit.sys:changelist [376]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\umkkrxkq.sys:changelist [742]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1104765351-4159224750-1873705849-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-1104765351-4159224750-1873705849-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-1104765351-4159224750-1873705849-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-1104765351-4159224750-1873705849-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-1104765351-4159224750-1873705849-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-1104765351-4159224750-1873705849-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-1104765351-4159224750-1873705849-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-1104765351-4159224750-1873705849-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2017-11-13 07:21 - 000000853 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1	mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1104765351-4159224750-1873705849-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 10.0.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0D47EE26-17C0-4156-8DF8-D3B502EC9A0E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{4F0763E4-9D9C-497D-AA0C-072E0ADBA424}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{B5C8490B-D99F-43E3-9604-E9DC896BF211}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9489D5A5-2074-4571-9E40-F91A6F76F189}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ABC2D95F-1694-420F-B3E5-CB4E685EB08B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{56A67F5E-AF67-4678-9059-0704D080EC93}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8B82028B-7D6F-4566-A4A9-D4E5F4FA4C62}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2A3CD095-1F24-4DF5-8F1D-B17E781EC419}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{07605905-AD18-4284-9186-5EE491DF0744}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/14/2018 12:09:31 PM) (Source: TrueKey) (EventID: 0) (User: )
Description: Zpracování změny relace se nezdařilo. System.ArgumentException: Data Source cannot be empty.  Use :memory: to open an in-memory database
   v System.Data.SQLite.SQLiteConnection.Open()
   v McAfee.YAP.Service.Data.McBioSQLite.GetConnection()
   v McAfee.YAP.Service.Data.McBioSQLite.StoreInServiceInfo(String key, String value)
   v McAfee.YAP.Service.Common.McBioBCAService.DisableSpoofingMode()
   v McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
   v System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (01/14/2018 10:42:44 AM) (Source: TrueKey) (EventID: 0) (User: )
Description: Zpracování změny relace se nezdařilo. System.ArgumentException: Data Source cannot be empty.  Use :memory: to open an in-memory database
   v System.Data.SQLite.SQLiteConnection.Open()
   v McAfee.YAP.Service.Data.McBioSQLite.GetConnection()
   v McAfee.YAP.Service.Data.McBioSQLite.StoreInServiceInfo(String key, String value)
   v McAfee.YAP.Service.Common.McBioBCAService.DisableSpoofingMode()
   v McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
   v System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (01/12/2018 02:18:03 PM) (Source: ESENT) (EventID: 489) (User: )
Description: SettingSyncHost (5460,P,0) {8ACE9333-6C50-470E-87B8-EC3BF107369C}: Pokus o otevření souboru C:\Users\stopi\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\meta.edb jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/11/2018 01:14:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Microsoft.Photos.exe, verze: 2017.39101.16720.0, časové razítko: 0x5a2aef80
Název chybujícího modulu: SharedLibrary.dll, verze: 1.7.25531.0, časové razítko: 0x597af36c
Kód výjimky: 0x00001007
Posun chyby: 0x0000000000493b3f
ID chybujícího procesu: 0x1abc
Čas spuštění chybující aplikace: 0x01d38ad41d3440fe
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.7_1.7.25531.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
ID zprávy: 1ffee2d1-43ca-41d7-ab9d-eee8b4d60e5f
Úplný název chybujícího balíčku: Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (01/10/2018 02:33:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/18/2017 09:15:25 AM) (Source: TrueKey) (EventID: 0) (User: )
Description: Zpracování změny relace se nezdařilo. System.ArgumentException: Data Source cannot be empty.  Use :memory: to open an in-memory database
   v System.Data.SQLite.SQLiteConnection.Open()
   v McAfee.YAP.Service.Data.McBioSQLite.GetConnection()
   v McAfee.YAP.Service.Data.McBioSQLite.StoreInServiceInfo(String key, String value)
   v McAfee.YAP.Service.Common.McBioBCAService.DisableSpoofingMode()
   v McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
   v System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (12/18/2017 09:14:00 AM) (Source: TrueKey) (EventID: 0) (User: )
Description: Zpracování změny relace se nezdařilo. System.ArgumentException: Data Source cannot be empty.  Use :memory: to open an in-memory database
   v System.Data.SQLite.SQLiteConnection.Open()
   v McAfee.YAP.Service.Data.McBioSQLite.GetConnection()
   v McAfee.YAP.Service.Data.McBioSQLite.StoreInServiceInfo(String key, String value)
   v McAfee.YAP.Service.Common.McBioBCAService.DisableSpoofingMode()
   v McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
   v System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (12/15/2017 01:17:58 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.

Error: (12/15/2017 01:17:58 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {95CABCC9-BC57-4C12-B8DF-BA193232AA01} byla odmítnuta.

Error: (12/15/2017 08:36:43 AM) (Source: TrueKey) (EventID: 0) (User: )
Description: Zpracování změny relace se nezdařilo. System.ArgumentException: Data Source cannot be empty.  Use :memory: to open an in-memory database
   v System.Data.SQLite.SQLiteConnection.Open()
   v McAfee.YAP.Service.Data.McBioSQLite.GetConnection()
   v McAfee.YAP.Service.Data.McBioSQLite.StoreInServiceInfo(String key, String value)
   v McAfee.YAP.Service.Common.McBioBCAService.DisableSpoofingMode()
   v McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
   v System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)


System errors:
=============
Error: (01/14/2018 12:24:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/14/2018 12:16:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/14/2018 12:11:32 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-PABLMPI)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-PABLMPI\stopi (SID: S-1-5-21-1104765351-4159224750-1873705849-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/14/2018 12:09:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/14/2018 12:09:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/14/2018 12:09:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/14/2018 12:09:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/14/2018 12:05:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luafv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (01/14/2018 12:04:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luafv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (01/14/2018 12:02:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo PM Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 54%
Total physical RAM: 4013.22 MB
Available physical RAM: 1846.02 MB
Total Virtual: 4717.22 MB
Available Virtual: 2014.47 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:449.09 GB) (Free:379.49 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 55D3F4D8)

Partition: GPT.

==================== End of Addition.txt ============================