Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.02.2018
Ran by Jirka (23-02-2018 23:07:33)
Running from C:\Users\Jirka\Desktop
Windows 10 Pro Version 1709 16299.248 (X64) (2017-12-21 06:03:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

$BarTender_Security$ (S-1-5-21-4092717742-3397804182-3344555915-1009 - Limited - Enabled)
$Printer_Maestro$ (S-1-5-21-4092717742-3397804182-3344555915-1014 - Limited - Enabled)
Administrator (S-1-5-21-4092717742-3397804182-3344555915-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4092717742-3397804182-3344555915-503 - Limited - Disabled)
Guest (S-1-5-21-4092717742-3397804182-3344555915-501 - Limited - Disabled)
Jirka (S-1-5-21-4092717742-3397804182-3344555915-1001 - Administrator - Enabled) => C:\Users\Jirka
Sasa (S-1-5-21-4092717742-3397804182-3344555915-1002 - Limited - Enabled) => C:\Users\Sasa
WDAGUtilityAccount (S-1-5-21-4092717742-3397804182-3344555915-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20036 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Illustrator CS5 (HKLM-x32\...\{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
BarTender 2016 R5 (HKLM\...\{6D7A7476-9B22-4531-923C-A74AFCD8E7BF}) (Version: 11.0.3132 - Seagull Scientific) Hidden
BarTender 2016 R5 (HKLM\...\BarTender Suite) (Version: 11.0.3132 - Seagull Scientific)
Brother MFL-Pro Suite MFC-L2700DN series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (HKLM-x32\...\{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (HKLM-x32\...\{CA3861BA-1D96-4D66-B577-318E1602C4F3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (HKLM-x32\...\{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (HKLM-x32\...\{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - CZ (HKLM-x32\...\{356658C7-8C60-4A43-AF50-75CA8E642934}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (HKLM-x32\...\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Extra Content (HKLM-x32\...\_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version:  - Corel Corporation)
CorelDRAW Graphics Suite X5 - Extra Content (HKLM-x32\...\{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (HKLM-x32\...\{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (HKLM-x32\...\{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (HKLM-x32\...\{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (HKLM-x32\...\{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (HKLM-x32\...\{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PL (HKLM-x32\...\{938C2383-A692-4D2C-AE45-024F91EF7B1D}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (HKLM-x32\...\{59123CCF-FED2-46FF-9293-D1DC80042219}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (HKLM-x32\...\{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (HKLM-x32\...\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (HKLM-x32\...\{9244E956-5939-4B88-930C-0699D4AB2B95}) (Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (HKLM-x32\...\{368FCA18-C510-4F87-B60E-192B9BDBAE3D}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.2.0.2051 - Foxit Software Inc.)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP Officejet 7110 series Npovda (HKLM-x32\...\{E9DD40A3-E4E5-4525-955D-2FDA56908178}) (Version: 29.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{F20A04CF-5BE6-404A-9295-D59046238245}) (Version: 12.3.6.6 - HP)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4240 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 3.1.53.8739 - Intel(R) Corporation)
Intel(R) Update Manager (HKLM-x32\...\{89E5F369-612A-4A5E-8BF2-7938C76ABF29}) (Version: 3.0.135 - Intel Corporation)
Intel Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Manager (HKLM-x32\...\{38251B9A-C44B-42D9-9A6A-0697986E334A}) (Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden
Microsoft Office 2013 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 15.0.5007.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4092717742-3397804182-3344555915-1001\...\OneDriveSetup.exe) (Version: 17.005.0107.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4092717742-3397804182-3344555915-1002\...\OneDriveSetup.exe) (Version: 17.005.0107.0008 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{5DDC2234-4B37-45BC-AD33-41F1469B4D83}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.5.0.6165 - Mozilla)
Mozilla Thunderbird 45.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.5.0 (x86 cs)) (Version: 45.5.0 - Mozilla)
NVIDIA nView 148.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 148.03 - NVIDIA Corporation)
NVIDIA Ovlada dc jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA WMI 2.27.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.27.2 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden
Ovldac panel NVIDIA 388.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.16 - NVIDIA Corporation) Hidden
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (HKLM\...\{06CDB669-BB6F-47B7-9F83-A3EBCC9797E0}) (Version: 4.1.4.27684 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{7F697B24-63AE-4433-8DF6-36F8171CAB70}) (Version: 4.1.4.27684 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{0893CB6D-8936-4882-8303-8C0769AA6750}) (Version: 4.1.4.27684 - pdfforge GmbH) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.2 - pdfforge GmbH)
Pervasive PSQL v11 Client (32-bit) (HKLM-x32\...\{0A3238D7-AA32-1130-B717-F3E3F18B4A8C}) (Version: 11.30.061 - Pervasive Software) Hidden
Pervasive PSQL v11 Client (32-bit) SP3 (HKLM-x32\...\Pervasive PSQL v11 Client (32-bit)) (Version: 11.30.061 - Pervasive Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.8.311.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7806 - Realtek Semiconductor Corp.)
SQL Server 2012 Common Files (HKLM\...\{1D411379-9CE0-4B13-A19B-72D3222DD620}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (HKLM\...\{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Studie vylepovn produktu HP Officejet 7110 series (HKLM\...\{5253B4A6-FB92-4CBF-95F3-2465EC1791C1}) (Version: 29.1.971.39251 - Hewlett-Packard Co.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
ToolboxProxy (HKLM-x32\...\{B64E0B43-A452-4B25-93DD-E5C6645A534A}) (Version: 035.024.006 - HP) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
Uschovna.cz 1.1.0 (HKLM-x32\...\{8531A154-5045-4E32-885A-391F750C5DE2}_is1) (Version: 1.1.0 - Capsa.cz)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zkladn software zazen HP Officejet 7110 series (HKLM\...\{53DC559F-CABC-4E12-9DF8-3FA081C292BA}) (Version: 29.1.971.39251 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-12-23] (Foxit Software Inc.)
ContextMenuHandlers1: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2016-05-04] (pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2016-07-13] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-30] (NVIDIA Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-12-23] (Foxit Software Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A8F4D9D-7643-465F-BFF0-49F16784CB83} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-05-28] ()
Task: {14B789F5-6413-4B05-A84E-3874977CB00D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {14C6EB23-0852-4A52-B6E2-1BBDE7E6D7A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-22] (Microsoft Corporation)
Task: {14F31E68-107D-44ED-B9CA-52B8E53B0177} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-05-28] ()
Task: {16905379-5D83-497E-8076-D3FBD848B544} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-22] (Microsoft Corporation)
Task: {1A59B3F3-219E-4B14-A630-1A58533B8354} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-01-17] (Adobe Systems Incorporated)
Task: {1E1DEAB8-00A7-4D7D-A90D-5F8666784270} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-07] (Piriform Ltd)
Task: {25C83508-DBCD-4A59-91D0-728C744065BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-22] (Microsoft Corporation)
Task: {4FC809DE-5556-4A75-8EAF-5B5F8A584AFA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {542C04A2-E2D8-478D-994A-576F4D207FF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-22] (Microsoft Corporation)
Task: {603E49B7-F70F-4CF7-8F7F-0BBA3B8834E2} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> No File <==== ATTENTION
Task: {6E4CAC54-A098-4A65-B4DA-69D01A0CF06B} - System32\Tasks\HPCustParticipation HP Officejet 7110 series => C:\Program Files\HP\HP Officejet 7110 series\Bin\HPCustPartic.exe [2012-10-21] (Hewlett-Packard Co.)
Task: {75F6B591-CFEA-4D72-891E-6AFB829B14D8} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle -> No File <==== ATTENTION
Task: {882F4EAA-5E35-46D4-B97C-6279D3C5059F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {896983C7-461E-43D5-BDF1-77CDF6D0B04C} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle -> No File <==== ATTENTION
Task: {8FA67EB0-0C3A-42BF-BB5D-0398E55F73E9} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 -> No File <==== ATTENTION
Task: {9FE1B203-1122-48B8-89F3-0B1BD8957F57} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time -> No File <==== ATTENTION
Task: {ABE8BB31-B74E-48F9-A671-715663C63002} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-19] (Google Inc.)
Task: {C2D071A0-9F80-4D91-A755-FD65FE9DF0CD} - System32\Tasks\AdobeAAMUpdater-1.0-Jirka6-Sasa => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {C84EB75B-B2CD-49B4-A9DA-41CBE8477205} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock -> No File <==== ATTENTION
Task: {E141FD58-2C99-43DC-999B-0DD3A606AA9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-19] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-11-19 23:25 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-11-07 14:52 - 2005-04-22 05:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2018-02-14 09:08 - 2018-02-10 05:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-02-14 09:09 - 2018-02-10 05:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-31 06:48 - 2018-01-31 06:48 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-31 06:48 - 2018-01-31 06:48 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-31 06:48 - 2018-01-31 06:48 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-31 06:48 - 2018-01-31 06:48 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2015-05-28 23:22 - 2015-05-28 23:22 - 000177288 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
2018-02-05 07:17 - 2018-02-05 07:17 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-12 07:50 - 2018-02-12 07:51 - 000477696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-02-12 07:50 - 2018-02-12 07:51 - 061401088 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-12-21 07:38 - 2017-12-21 07:39 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-02-12 07:50 - 2018-02-12 07:51 - 000010240 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-02-12 07:50 - 2018-02-12 07:51 - 003741184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-12-21 07:38 - 2017-12-21 07:39 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-02-12 07:50 - 2018-02-12 07:51 - 016183296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-02-12 07:50 - 2018-02-12 07:51 - 003592704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-02-12 07:50 - 2018-02-12 07:51 - 003226112 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-02-05 07:17 - 2018-02-05 07:17 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-12 07:50 - 2018-02-12 07:51 - 000090624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-02-12 07:50 - 2018-02-12 07:51 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-12-21 07:38 - 2017-12-21 07:39 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-02-12 07:50 - 2018-02-12 07:51 - 000618496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-02-12 07:50 - 2018-02-12 07:51 - 000200192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\SKU.dll
2018-02-12 07:50 - 2018-02-12 07:51 - 000121856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\ExploreModel.dll
2018-02-12 07:50 - 2018-02-12 07:51 - 000046592 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\ImageDecoding.dll
2016-07-25 01:40 - 2016-07-13 06:57 - 000785976 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000047616 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-02-14 09:08 - 2018-02-10 05:41 - 004173824 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-02-14 09:08 - 2018-02-10 05:41 - 003662336 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2018-02-23 22:59 - 2018-02-23 23:06 - 000029696 _____ () C:\Users\Jirka\AppData\Local\MSGBOX.EXE
2015-07-10 22:37 - 2015-07-10 22:37 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-11-07 14:52 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-05-28 23:22 - 2015-05-28 23:22 - 000044168 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32api.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000062600 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pywintypes27.dll
2015-05-28 23:22 - 2015-05-28 23:22 - 000121992 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pythoncom27.dll
2015-05-28 23:22 - 2015-05-28 23:22 - 000024200 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_multiprocessing.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000031368 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_socket.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000445064 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ssl.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000288904 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_hashlib.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000019080 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\select.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000046728 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ctypes.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000028296 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32service.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000025736 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\servicemanager.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000023176 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32pipe.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000044680 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32file.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000021128 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32event.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000372360 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_bsddb.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000026248 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32process.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000023176 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32ts.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000021640 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32profile.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000045704 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32security.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000027784 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32inet.pyd
2015-05-28 23:22 - 2015-05-28 23:22 - 000024200 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\EnvironmentID.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4092717742-3397804182-3344555915-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4092717742-3397804182-3344555915-1002\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 10.0.0.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F31AEBE3-3E6B-48FA-A39A-AE0E011D383C}] => (Allow) LPort=54925
FirewallRules: [{03043E8D-0B4A-4CAE-93CA-C7B73F732798}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14d\FAXRX.EXE
FirewallRules: [{F6C40709-F385-4615-BCA0-7A70EEFE3111}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\74280B5D-A0AF-46c5-9C85-D9EA078262F1\Installer\hpbcsiInstaller.exe
FirewallRules: [{6AB7A47E-E272-47C8-8F9A-18DCCE20828D}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\74280B5D-A0AF-46c5-9C85-D9EA078262F1\Installer\hpbcsiInstaller.exe
FirewallRules: [UDP Query User{1599F403-6613-4E68-8DF7-CCE3EFA5FE25}\\server2012\magis\unipaas19\unirte.exe] => (Allow) \\server2012\magis\unipaas19\unirte.exe
FirewallRules: [TCP Query User{111BA66C-F058-4BEC-AD95-394096D68B00}\\server2012\magis\unipaas19\unirte.exe] => (Allow) \\server2012\magis\unipaas19\unirte.exe
FirewallRules: [{728D6BA1-1C01-412C-BA45-78578302EF41}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{36FCA244-89BF-48BF-8CA8-288E609B0357}] => (Allow) C:\Program Files\HP\HP Officejet 7110 series\Bin\DeviceSetup.exe
FirewallRules: [{63BFAEE5-E5C3-4D87-ABCF-B428D97F4B72}] => (Allow) C:\Program Files\HP\HP Officejet 7110 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{1F4CDC0F-F534-4782-B37F-051EE9110948}\\10.0.0.163\magis\unipaas19\unirte.exe] => (Allow) \\10.0.0.163\magis\unipaas19\unirte.exe
FirewallRules: [UDP Query User{13706782-4A50-4AD3-AC31-1B9D08CD3ED4}\\10.0.0.163\magis\unipaas19\unirte.exe] => (Allow) \\10.0.0.163\magis\unipaas19\unirte.exe
FirewallRules: [{E9FE9852-6E57-4BC5-B38A-11D5A255DB52}] => (Allow) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
FirewallRules: [{3623403D-5B52-4869-81BA-D96A60481601}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{66768CA3-AA15-476B-8D1A-535CF57E7953}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B3E79EAD-1BD9-4475-BFB4-2C08CD0BDE5E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C8DF99B7-C521-458D-8D46-F18460682FD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{441BC43E-E838-4282-B069-4086A1B6DD34}] => (Allow) C:\Program Files\Seagull\BarTender Suite\BtSystem.Service.exe
FirewallRules: [{1DDF9927-A252-4492-ADF0-6BFA33334D2E}] => (Allow) C:\Program Files\Seagull\BarTender Suite\BtSystem.Service.exe
FirewallRules: [{F7420DA4-2E55-4778-B9D3-E0F088AA574B}] => (Allow) C:\Program Files\Seagull\BarTender Suite\PrintScheduler.Service.exe
FirewallRules: [{A42FC164-A4F1-4394-A25E-D605BE6A4E3F}] => (Allow) C:\Program Files\Seagull\BarTender Suite\PrintScheduler.Service.exe
FirewallRules: [{93C71C93-D18B-49D9-90DD-9D9560D62B22}] => (Allow) C:\Program Files\Seagull\BarTender Suite\Integration.Service.exe
FirewallRules: [{28B504A8-9C52-4CA8-B2B6-62AD42DC70FA}] => (Allow) C:\Program Files\Seagull\BarTender Suite\Integration.Service.exe
FirewallRules: [{DE42F9BC-8994-4AC7-B112-9C20D690E2E5}] => (Allow) C:\Program Files\Seagull\BarTender Suite\IntegrationBuilder.exe
FirewallRules: [{19A8C821-2D2F-4454-B5FA-06959F449AF4}] => (Allow) C:\Program Files\Seagull\BarTender Suite\IntegrationBuilder.exe
FirewallRules: [{FECE65CE-8EB5-4F64-9B38-437B1FE1AE39}] => (Allow) C:\Program Files\Seagull\BarTender Suite\HistoryExplorer.exe
FirewallRules: [{2B61BFB0-6047-43B1-89A4-A4EF733E1BBC}] => (Allow) C:\Program Files\Seagull\BarTender Suite\HistoryExplorer.exe
FirewallRules: [{115881BE-FD2B-4ABD-89E9-DE6F1F45F955}] => (Allow) C:\Program Files\Seagull\BarTender Suite\ReprintConsole.exe
FirewallRules: [{320BDACC-8D46-455E-94CA-E2258165ABA7}] => (Allow) C:\Program Files\Seagull\BarTender Suite\ReprintConsole.exe
FirewallRules: [{9863D068-5F85-4402-96E3-D52327A741D3}] => (Allow) C:\Program Files\Seagull\BarTender Suite\AdminConsole.exe
FirewallRules: [{A903ACD3-709E-4DE5-86FE-C310D93346B2}] => (Allow) C:\Program Files\Seagull\BarTender Suite\AdminConsole.exe
FirewallRules: [{A36B0F14-9578-42A4-B62B-2261E614A775}] => (Allow) C:\Program Files\Seagull\BarTender Suite\SystemDatabaseWizard.exe
FirewallRules: [{9EFD7DF3-F50F-4565-8064-419437EBA499}] => (Allow) C:\Program Files\Seagull\BarTender Suite\SystemDatabaseWizard.exe
FirewallRules: [{D5B6B6ED-6D1C-4105-83B5-98D8250F06CC}] => (Allow) C:\Program Files\Seagull\BarTender Suite\Maestro.Service.exe
FirewallRules: [{5A6E7D0B-E54D-4AFB-A7B9-CD883971FA8E}] => (Allow) C:\Program Files\Seagull\BarTender Suite\Maestro.Service.exe
FirewallRules: [{5B7B41B9-52ED-4765-9533-0752E14209F5}] => (Allow) C:\Program Files\Seagull\BarTender Suite\Maestro.exe
FirewallRules: [{612C83BF-54A4-4532-8A60-8DC4A2E0CBF9}] => (Allow) C:\Program Files\Seagull\BarTender Suite\Maestro.exe
FirewallRules: [{242EC560-5247-4049-B326-72622682CF23}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

07-02-2018 08:27:13 Windows Update
14-02-2018 08:43:33 Instalan sluba modul systmu Windows
22-02-2018 10:16:32 Operace obnoven

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/23/2018 06:04:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro slubu BITS v knihovn DLL C:\Windows\System32\bitsperf.dll se nezdaila. Vkonnostn data pro tuto slubu nebudou k dispozici. Vrcen kd stavu pedstavuj prvn tyi bajty (DWORD) datov sti.

Error: (02/22/2018 12:38:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Jirka6)
Description: Balek Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe+App se ukonil, protoe jeho pozastavovn trvalo moc dlouho.

Error: (02/22/2018 11:41:28 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro slubu BITS v knihovn DLL C:\Windows\System32\bitsperf.dll se nezdaila. Vkonnostn data pro tuto slubu nebudou k dispozici. Vrcen kd stavu pedstavuj prvn tyi bajty (DWORD) datov sti.

Error: (02/22/2018 10:50:40 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Pi aktualizaci stavu  na SECURITY_PRODUCT_STATE_OFF dolo k chyb.

Error: (02/22/2018 10:31:46 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Bhem obnoven systmu dolo k nespecifikovan chyb: (Windows Update). Dal informace: 0x80070005.

Error: (02/22/2018 10:31:34 AM) (Source: BarTender System Service) (EventID: 10105) (User: )
Description: Databzi Systmov sluba aplikace BarTender se nepodailo provst najt informace.

Tabulka: MessageLog, Pkaz: ; Vnitn zprva: spn bylo vytvoeno pipojen k serveru. Potom vak dolo k chyb pi vyjednvn metodou handshake ped pihlaovnm. (provider: TCP Provider, error: 0 - Zadan sov nzev nen ji dle kdispozici.); Vnitn zprva: Zadan sov nzev nen ji dle kdispozici

Error: (02/22/2018 10:31:34 AM) (Source: BarTender System Service) (EventID: 10105) (User: )
Description: Databzi Systmov sluba aplikace BarTender se nepodailo provst najt informace.

Tabulka: MessageLog, Pkaz: ; Vnitn zprva: spn bylo vytvoeno pipojen k serveru. Potom vak dolo k chyb pi vyjednvn metodou handshake ped pihlaovnm. (provider: TCP Provider, error: 0 - Zadan sov nzev nen ji dle kdispozici.); Vnitn zprva: Zadan sov nzev nen ji dle kdispozici

Error: (02/22/2018 10:31:34 AM) (Source: BarTender System Service) (EventID: 10182) (User: )
Description: Stored Procedure: [dbo].[SpDsGetMaintenanceInfo] Failed; Vnitn zprva: spn bylo vytvoeno pipojen k serveru. Potom vak dolo k chyb pi vyjednvn metodou handshake ped pihlaovnm. (provider: TCP Provider, error: 0 - Zadan sov nzev nen ji dle kdispozici.); Vnitn zprva: Zadan sov nzev nen ji dle kdispozici


System errors:
=============
Error: (02/23/2018 11:04:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastaven oprvnn vchoz pro pota neudluje oprvnn Mstn Aktivace pro serverovou aplikaci COM s identifiktorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uivateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomoc LRPC) bc v kontejneru aplikac Nen kdispozici  SID (Nen kdispozici). Toto oprvnn zabezpeen lze zmnit pomoc nstroje sprvy Sluba komponent.

Error: (02/23/2018 11:04:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastaven oprvnn specifick pro aplikaci neudluje oprvnn Mstn Aktivace pro serverovou aplikaci COM s identifiktorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uivateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomoc LRPC) bc v kontejneru aplikac Nen kdispozici  SID (Nen kdispozici). Toto oprvnn zabezpeen lze zmnit pomoc nstroje sprvy Sluba komponent.

Error: (02/23/2018 11:04:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastaven oprvnn vchoz pro pota neudluje oprvnn Mstn Aktivace pro serverovou aplikaci COM s identifiktorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uivateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomoc LRPC) bc v kontejneru aplikac Nen kdispozici  SID (Nen kdispozici). Toto oprvnn zabezpeen lze zmnit pomoc nstroje sprvy Sluba komponent.

Error: (02/23/2018 11:04:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastaven oprvnn specifick pro aplikaci neudluje oprvnn Mstn Aktivace pro serverovou aplikaci COM s identifiktorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uivateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomoc LRPC) bc v kontejneru aplikac Nen kdispozici  SID (Nen kdispozici). Toto oprvnn zabezpeen lze zmnit pomoc nstroje sprvy Sluba komponent.

Error: (02/23/2018 11:04:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastaven oprvnn vchoz pro pota neudluje oprvnn Mstn Aktivace pro serverovou aplikaci COM s identifiktorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uivateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomoc LRPC) bc v kontejneru aplikac Nen kdispozici  SID (Nen kdispozici). Toto oprvnn zabezpeen lze zmnit pomoc nstroje sprvy Sluba komponent.

Error: (02/23/2018 11:04:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastaven oprvnn specifick pro aplikaci neudluje oprvnn Mstn Aktivace pro serverovou aplikaci COM s identifiktorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uivateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomoc LRPC) bc v kontejneru aplikac Nen kdispozici  SID (Nen kdispozici). Toto oprvnn zabezpeen lze zmnit pomoc nstroje sprvy Sluba komponent.

Error: (02/23/2018 11:04:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastaven oprvnn vchoz pro pota neudluje oprvnn Mstn Aktivace pro serverovou aplikaci COM s identifiktorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uivateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomoc LRPC) bc v kontejneru aplikac Nen kdispozici  SID (Nen kdispozici). Toto oprvnn zabezpeen lze zmnit pomoc nstroje sprvy Sluba komponent.

Error: (02/23/2018 11:04:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastaven oprvnn specifick pro aplikaci neudluje oprvnn Mstn Aktivace pro serverovou aplikaci COM s identifiktorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uivateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomoc LRPC) bc v kontejneru aplikac Nen kdispozici  SID (Nen kdispozici). Toto oprvnn zabezpeen lze zmnit pomoc nstroje sprvy Sluba komponent.


Windows Defender:
===================================
Date: 2018-02-23 23:04:34.310
Description: 
Prohledvn Antivirov ochrana v programu Windows Defender zjistilo malware nebo jin potenciln nedouc software.
Dal informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Dynamer!ac&threatid=2147684005&enterprise=0
Nzev: Trojan:Win32/Dynamer!ac
ID: 2147684005
Zvanost: Vn
Kategorie: Trojsk k
Cesta: file:_D:\FRSTLauncher.exe
Pvod zjiovn: Mstn pota
Typ zjiovn: FastPath
Zdroj zjiovn: Ochrana v relnm ase
Uivatel: Jirka6\Jirka
Nzev procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.261.1561.0, AS: 1.261.1561.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-23 23:04:19.023
Description: 
Prohledvn Antivirov ochrana v programu Windows Defender zjistilo malware nebo jin potenciln nedouc software.
Dal informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Dynamer!ac&threatid=2147684005&enterprise=0
Nzev: Trojan:Win32/Dynamer!ac
ID: 2147684005
Zvanost: Vn
Kategorie: Trojsk k
Cesta: file:_D:\FRSTLauncher.exe
Pvod zjiovn: Mstn pota
Typ zjiovn: FastPath
Zdroj zjiovn: Ochrana v relnm ase
Uivatel: Jirka6\Jirka
Nzev procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.261.1561.0, AS: 1.261.1561.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-23 23:04:03.324
Description: 
Prohledvn Antivirov ochrana v programu Windows Defender zjistilo malware nebo jin potenciln nedouc software.
Dal informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Dynamer!ac&threatid=2147684005&enterprise=0
Nzev: Trojan:Win32/Dynamer!ac
ID: 2147684005
Zvanost: Vn
Kategorie: Trojsk k
Cesta: file:_C:\Users\Sasa\Desktop\FRSTLauncher.exe
Pvod zjiovn: Mstn pota
Typ zjiovn: FastPath
Zdroj zjiovn: Ochrana v relnm ase
Uivatel: Jirka6\Sasa
Nzev procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.261.1561.0, AS: 1.261.1561.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-23 22:57:18.983
Description: 
Prohledvn Antivirov ochrana v programu Windows Defender zjistilo malware nebo jin potenciln nedouc software.
Dal informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Dynamer!ac&threatid=2147684005&enterprise=0
Nzev: Trojan:Win32/Dynamer!ac
ID: 2147684005
Zvanost: Vn
Kategorie: Trojsk k
Cesta: file:_C:\Users\Sasa\Downloads\FRSTLauncher.exe;webfile:_C:\Users\Sasa\Downloads\FRSTLauncher.exe|http://viry.xf.cz/pro_usery/FRSTLauncher.exe|iexplore.exe
Pvod zjiovn: Internet
Typ zjiovn: FastPath
Zdroj zjiovn: Ochrana v relnm ase
Uivatel: Jirka6\Sasa
Nzev procesu: C:\Program Files\internet explorer\iexplore.exe
Verze podpisu: AV: 1.261.1561.0, AS: 1.261.1561.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-23 22:57:18.979
Description: 
Prohledvn Antivirov ochrana v programu Windows Defender zjistilo malware nebo jin potenciln nedouc software.
Dal informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Dynamer!ac&threatid=2147684005&enterprise=0
Nzev: Trojan:Win32/Dynamer!ac
ID: 2147684005
Zvanost: Vn
Kategorie: Trojsk k
Cesta: file:_C:\Users\Sasa\Downloads\FRSTLauncher.exe
Pvod zjiovn: Mstn pota
Typ zjiovn: FastPath
Zdroj zjiovn: Ochrana v relnm ase
Uivatel: Jirka6\Sasa
Nzev procesu: C:\Program Files\internet explorer\iexplore.exe
Verze podpisu: AV: 1.261.1561.0, AS: 1.261.1561.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-22 09:27:29.280
Description: 
Prohledvn Antivirov ochrana v programu Windows Defender zjistilo chybu pi pokusu o aktualizaci podpis.
Nov verze podpisu: 
Pedchoz verze podpisu: 1.261.1389.0
Zdroj aktualizace: Centrum spolenosti Microsoft pro ochranu ped kodlivm softwarem
Typ podpisu: Antivirov program
Typ aktualizace: pln
Uivatel: NT AUTHORITY\NETWORK SERVICE
Aktuln verze modulu: 
Pedchoz verze modulu: 1.1.14500.5
Kd chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat nzev nebo adresu serveru. 

Date: 2018-02-22 09:27:29.280
Description: 
Prohledvn Antivirov ochrana v programu Windows Defender zjistilo chybu pi pokusu o aktualizaci podpis.
Nov verze podpisu: 
Pedchoz verze podpisu: 118.2.0.0
Zdroj aktualizace: Centrum spolenosti Microsoft pro ochranu ped kodlivm softwarem
Typ podpisu: Systm kontroly st
Typ aktualizace: pln
Uivatel: NT AUTHORITY\NETWORK SERVICE
Aktuln verze modulu: 
Pedchoz verze modulu: 2.1.14202.0
Kd chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat nzev nebo adresu serveru. 

Date: 2018-02-22 09:27:29.276
Description: 
Prohledvn Antivirov ochrana v programu Windows Defender zjistilo chybu pi pokusu o aktualizaci podpis.
Nov verze podpisu: 
Pedchoz verze podpisu: 1.261.1389.0
Zdroj aktualizace: Centrum spolenosti Microsoft pro ochranu ped kodlivm softwarem
Typ podpisu: Antivirov program
Typ aktualizace: pln
Uivatel: NT AUTHORITY\NETWORK SERVICE
Aktuln verze modulu: 
Pedchoz verze modulu: 1.1.14500.5
Kd chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat nzev nebo adresu serveru. 

Date: 2018-02-22 09:27:29.276
Description: 
Prohledvn Antivirov ochrana v programu Windows Defender zjistilo chybu pi pokusu o aktualizaci podpis.
Nov verze podpisu: 
Pedchoz verze podpisu: 1.261.1389.0
Zdroj aktualizace: Centrum spolenosti Microsoft pro ochranu ped kodlivm softwarem
Typ podpisu: Antispywarov program
Typ aktualizace: pln
Uivatel: NT AUTHORITY\NETWORK SERVICE
Aktuln verze modulu: 
Pedchoz verze modulu: 1.1.14500.5
Kd chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat nzev nebo adresu serveru. 

Date: 2018-02-22 09:27:29.276
Description: 
Prohledvn Antivirov ochrana v programu Windows Defender zjistilo chybu pi pokusu o aktualizaci podpis.
Nov verze podpisu: 
Pedchoz verze podpisu: 1.261.1389.0
Zdroj aktualizace: Centrum spolenosti Microsoft pro ochranu ped kodlivm softwarem
Typ podpisu: Antivirov program
Typ aktualizace: pln
Uivatel: NT AUTHORITY\NETWORK SERVICE
Aktuln verze modulu: 
Pedchoz verze modulu: 1.1.14500.5
Kd chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat nzev nebo adresu serveru. 

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz
Percentage of memory in use: 50%
Total physical RAM: 8124.85 MB
Available physical RAM: 4053.7 MB
Total Virtual: 10044.85 MB
Available Virtual: 4560.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.02 GB) (Free:93.77 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.39 GB) (Free:724.81 GB) NTFS

\\?\Volume{7a7580ea-6b84-470c-b94d-611489954c59}\ (Obnoven) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
\\?\Volume{ab7cdc98-36b3-4db5-995a-1a94cc976be5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: AE88165D)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 000053CA)

Partition: GPT.

==================== End of Addition.txt ============================