Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.02.2018
Ran by sitnefr1-locadm (03-03-2018 16:59:40)
Running from C:\Users\Franta\Desktop
Windows 10 Pro Version 1709 16299.248 (X64) (2017-12-07 07:45:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2830779331-3592222151-1840298108-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2830779331-3592222151-1840298108-503 - Limited - Disabled)
Franta (S-1-5-21-2830779331-3592222151-1840298108-1006 - Limited - Enabled) => C:\Users\Franta
Guest (S-1-5-21-2830779331-3592222151-1840298108-501 - Limited - Disabled)
sitnefr1-locadm (S-1-5-21-2830779331-3592222151-1840298108-1005 - Administrator - Enabled) => C:\Users\sitnefr1-locadm
WDAGUtilityAccount (S-1-5-21-2830779331-3592222151-1840298108-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver  (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3B001045}) (Version: 1.7.45.10 - Alcor Micro Corp.) Hidden
Alcor Micro Smart Card Reader Driver  (HKLM-x32\...\SZCCID) (Version: 1.7.45.10 - Alcor Micro Corp.)
Alps Touchpad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.2206.1717.623 - Alps Electric)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8060a69f-ee27-444b-b126-775f861232ea}) (Version: 20.0.2 - Intel Corporation)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{ed5cef80-a339-45bd-8c06-514eaf785ca8}) (Version: 19.71.0 - Intel Corporation)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.43.1 - Asmedia Technology)
Backup and Sync from Google (HKLM-x32\...\{AC62F3F2-61A2-4357-93EC-C308E3FEDF4E}) (Version: 3.39.8370.7843 - Google, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{CF942D1D-A798-4AE0-9410-C5CE2BE1F139}) (Version: 17.4.4.6 - Broadcom Corporation)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.136.1 - Conexant)
DNE Update (HKLM\...\{7446EC3E-67FD-434E-BC91-1B5FB7D0E2D2}) (Version: 4.13.1.18545 - Deterministic Networks, Inc.)
Docker for Windows (HKLM\...\Docker for Windows) (Version: 17.12.0-ce-win47 - Docker Inc.)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
ESET Endpoint Antivirus (HKLM\...\{5027F4BD-2B2A-4E4A-9758-785EE6EF6423}) (Version: 5.0.2126.11 - ESET, spol. s r.o.)
Git version 2.13.0 (HKLM\...\Git_is1) (Version: 2.13.0 - The Git Development Community)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.19.5276 - GOM & Company)
Google Chrome (HKLM\...\{AFD7A60B-D384-335B-AFD8-48F4ED8072C2}) (Version: 64.0.3282.186 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP Collaboration Keyboard (HKLM-x32\...\{C3A1BFE9-8943-42F0-976E-AF4F0B9D6A08}) (Version: 1.2.10.1 - HP)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{94D0EB60-8B2F-4A80-BA74-3D312434415F}) (Version: 11.2.2 - HP)
HP Hotkey Support (HKLM-x32\...\{47A1B926-2D6E-4988-8223-8CA5ECBD5E78}) (Version: 6.2.37.1 - HP)
HP MAC Address Manager (HKLM-x32\...\{21FA165F-905C-4DDA-B00A-00C3A5D17BBA}) (Version: 1.1.6.1 - HP)
HP Notifications (HKLM-x32\...\{7F9760E8-51EC-4089-8C4E-94406AD07846}) (Version: 1.0.21.1 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8361.5688 - HP Inc.)
HP SoftPaq Download Manager (HKLM-x32\...\{92db00b4-c4ee-4893-bc4e-8be6548b2742}) (Version: 4.3.4.0 - HP)
HP Software Setup (HKLM-x32\...\{C968E860-054F-490F-95C6-C9A29601459E}) (Version: 9.2.3 - HP)
HP Support Assistant (HKLM-x32\...\{DFBDDDB3-D753-4454-84E9-2D3D96E89EFF}) (Version: 8.3.42.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{14D126AD-8249-45B4-B6F0-175939F8F894}) (Version: 12.6.14.19 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{A66E1AC5-F4A9-4DB0-ACB0-90419A8F98D5}) (Version: 1.2.9.2 - HP Inc.)
HP Universal Camera Driver (HKLM-x32\...\{8B204728-0D90-48BE-97C0-BBEDDFDFA83C}) (Version: 3.5.8.14 - SunplusIT)
HP Universal Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11237 - Realtek Semiconductor Corp.)
HP USB Audio (HKLM\...\HP_DOCKING) (Version: 1.31.36.18 - Conexant)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
HPWorkWise64 (HKLM\...\{56051A5A-7A04-4CD4-A5CD-781F1AC10112}) (Version: 1.2.2.1 - HP Company) Hidden
Icecream Screen Recorder verze 5.10 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 5.10 - Icecream Apps)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11001.3279 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1045 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4771 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{61AE8DA5-F472-44A8-B84B-AEC9F793A96A}) (Version: 19.11.1641.0703 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
Intel® Integrated Sensor Solution (HKLM-x32\...\{b3782b53-1b6c-436a-b0f0-f65d83ae74d9}) (Version: 3.0.30.1119 - Intel Corporation)
ISS_Drivers_x64 (HKLM\...\{6F91DCD1-30DB-449C-AE79-6948BEB15825}) (Version: 3.0.30.1119 - Intel Corporation) Hidden
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java SE Development Kit 8 Update 131 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180131}) (Version: 8.0.1310.11 - Oracle Corporation)
JetBrains Toolbox (HKU\S-1-5-21-2830779331-3592222151-1840298108-1005\...\JetBrainsToolbox) (Version: 1.3.2421 - JetBrains s.r.o.)
JetBrains Toolbox (HKU\S-1-5-21-2830779331-3592222151-1840298108-1006\...\JetBrainsToolbox) (Version: 1.3.2421 - JetBrains s.r.o.)
LibreOffice 5.3.3.2 (HKLM-x32\...\{C7C4A0C6-8483-4065-851D-CBE5DC17D046}) (Version: 5.3.3.2 - The Document Foundation)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2830779331-3592222151-1840298108-1005\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2830779331-3592222151-1840298108-1006\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.1.1 - Mozilla)
Mozilla Thunderbird 52.1.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.1.1 (x86 cs)) (Version: 52.1.1 - Mozilla)
Node.js (HKLM\...\{2F9DD870-93DA-48D2-BEA5-A58D7C673EA5}) (Version: 6.10.3 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.4.1 - Notepad++ Team)
Opera Stable 45.0.2552.881 (HKU\S-1-5-21-2830779331-3592222151-1840298108-1006\...\Opera 45.0.2552.881) (Version: 45.0.2552.881 - Opera Software)
Opera Stable 51.0.2830.40 (HKLM-x32\...\Opera 51.0.2830.40) (Version: 51.0.2830.40 - Opera Software)
paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADF0}) (Version: 4.0.21 - dotPDN LLC)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation)
PuTTY release 0.69 (HKLM-x32\...\{E688B503-623E-4EF5-AA11-854DF1AE97BF}) (Version: 0.69.0.0 - Simon Tatham)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.137 - Realtek Semiconductor Corp.)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.7.5.203 - Samsung Electronics Co., Ltd.)
Slack (HKU\S-1-5-21-2830779331-3592222151-1840298108-1006\...\slack) (Version: 3.0.5 - Slack Technologies)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Spotify (HKU\S-1-5-21-2830779331-3592222151-1840298108-1006\...\Spotify) (Version: 1.0.74.380.g1fcff12a - Spotify AB)
Synaptics WBF Fingerprint Reader (HKLM\...\{BA72EB72-1D6F-461A-BDD1-BE6342613014}) (Version: 5.2.5005.26 - Synaptics Incorporated)
Thunderbolt(TM) Software (HKLM-x32\...\{10877131-EC3F-4F2F-97CD-2B8341D461D7}) (Version: 16.2.55.275 - Intel Corporation)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Wacom Pen (HKLM\...\ISD Tablet Driver) (Version: 7.3.4-15 - Wacom Technology Corp.)
WebM Project Directshow Filters (HKU\S-1-5-21-2830779331-3592222151-1840298108-1005\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
WinSCP 5.11.3 (HKLM-x32\...\winscp3_is1) (Version: 5.11.3 - Martin Prikryl)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-05-18] ()
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2012-07-04] (ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2012-07-04] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxDTCM.dll [2017-09-07] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2012-07-04] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04F48C96-0D9F-40BB-A3A7-71A30F1A3944} - System32\Tasks\HP\HP Collaboration Keyboard\Start Collaboration Keyboard Process => C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe [2016-09-28] (HP)
Task: {1505E934-BE4E-451C-85AC-BF93D352B177} - System32\Tasks\Microsoft\Windows\Windows Subsystem for Linux\AptPackageIndexUpdate => C:\WINDOWS\System32\LxRun.exe [2017-12-07] (Microsoft Corporation)
Task: {20F179DE-79B4-42B6-A795-3B9751AB6D5B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-10-12] (HP Inc.)
Task: {2494C54A-BC2C-426A-9282-BB9DBB2CB8FD} - System32\Tasks\Microsoft\Windows\Conexant\SA3 => C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SACpl.exe [2016-10-06] (Conexant Systems, Inc.)
Task: {333DB860-4DDA-4B0D-8D4E-C5927C11677A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-06-28] (HP Inc.)
Task: {3EEC6C27-626F-4419-812B-189096EDECC9} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {3F55F33C-1B81-4E6E-8082-966A0166B1DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-26] (Google Inc.)
Task: {4D5D3A51-1457-40E0-8610-CD8A6509F5CF} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe [2017-04-11] (HP)
Task: {5378C490-D1FC-469B-B2B5-4681CC0764B8} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\HP\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [2016-08-29] (HP Inc.)
Task: {75E38166-736F-480E-8286-DBF70E4924AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {7F2025DE-535B-4F48-9915-AE5E9050D92A} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [2017-09-29] (Microsoft Corporation)
Task: {856A6720-6173-4853-9662-C71B770EB9FB} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
Task: {89079C91-CB8C-409F-97D8-E57455748DE7} - System32\Tasks\Microsoft\Windows\Conexant\FLOW => C:\Program Files\CONEXANT\FLOW\SACpl.exe [2016-12-01] (Conexant Systems, Inc.)
Task: {989659EB-8D3F-4BCA-9931-D015CD07FA89} - System32\Tasks\HPCeeScheduleForFranta => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {A030B2EB-22F7-435A-8810-1E15957F366F} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [2017-09-29] (Microsoft Corporation)
Task: {A674DB63-A8C4-465C-B381-504B5ADEB19E} - System32\Tasks\Opera scheduled Autoupdate 1496048266 => C:\Program Files\Opera\launcher.exe [2018-02-21] (Opera Software)
Task: {B0CFC06C-D91D-498F-BB84-A3AA6E85A8BD} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {B94D225F-681C-4167-8CFE-10C98CDEBEF3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe
Task: {BCFCD9E0-2574-488F-AC53-809E3225018D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe
Task: {BF870104-19B8-4998-B6FD-7148F4A35823} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2017-05-14] (Conexant)
Task: {C46ED91A-C964-4828-849E-4C37FB58CC2C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel(R) Corporation)
Task: {C9D55E98-602E-4317-96DE-D6FFF6619702} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {D74C3E25-ABE6-4F3E-9A7F-F88D92E92F99} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {DDAC1EA5-C8AA-4DF6-82FD-027D40A7123E} - System32\Tasks\Opera scheduled Autoupdate 1495824108 => C:\Users\Franta\AppData\Local\Programs\Opera\launcher.exe
Task: {E1470810-2DFF-4238-BE8C-4458BDDCEEEF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-26] (Google Inc.)
Task: {E32E3828-90A9-4A29-9A34-E29C9D5EB64C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {E6DCB8B5-63F9-4670-953F-E3E612118DA5} - System32\Tasks\CRMTaskReminder => c:\Program Files (x86)\HP\HP Registration Service\RegDataUtil.exe [2016-08-29] (HP Inc.)
Task: {EC488E8B-717D-4467-B0A0-C3B349EA4897} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-09-22] (HP Inc.)
Task: {EE33B102-1923-4753-AA1B-A427D47FC459} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-10-12] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForFranta.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-02-14 17:58 - 2018-01-01 12:23 - 000023040 _____ () C:\Windows\System32\hnsproxy.dll
2017-05-18 01:05 - 2017-05-18 01:05 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2018-02-14 17:59 - 2018-02-10 05:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-02-14 18:00 - 2018-02-10 05:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-18 21:44 - 2018-01-18 21:44 - 001951800 _____ () C:\Users\Franta\AppData\Local\slack\app-3.0.5\ffmpeg.dll
2018-01-18 21:44 - 2018-01-18 21:44 - 000110080 _____ () \\?\C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2018-01-29 12:42 - 2018-01-29 12:42 - 041100328 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2018-01-18 21:44 - 2018-01-18 21:44 - 003430968 _____ () C:\Users\Franta\AppData\Local\slack\app-3.0.5\libglesv2.dll
2018-01-18 21:44 - 2018-01-18 21:44 - 000024632 _____ () C:\Users\Franta\AppData\Local\slack\app-3.0.5\libegl.dll
2018-01-18 21:44 - 2018-01-18 21:44 - 000400896 _____ () \\?\C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar.unpacked\node_modules\@slack\slack-calls\build\Release\slack-calls.node
2018-01-18 21:44 - 2018-01-18 21:44 - 007582776 _____ () \\?\C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar.unpacked\node_modules\@slack\slack-calls\build\Release\CallsCore.dll
2018-01-18 21:44 - 2018-01-18 21:44 - 001491512 _____ () \\?\C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar.unpacked\node_modules\@slack\slack-calls\build\Release\boringssl.dll
2018-01-18 21:44 - 2018-01-18 21:44 - 000230968 _____ () \\?\C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar.unpacked\node_modules\@slack\slack-calls\build\Release\protobuf_lite.dll
2018-01-18 21:44 - 2018-01-18 21:44 - 000157184 _____ () \\?\C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-01-18 21:44 - 2018-01-18 21:44 - 000089088 _____ () \\?\C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar.unpacked\node_modules\@paulcbetts\system-idle-time\build\Release\system_idle_time.node
2018-01-18 21:44 - 2018-01-18 21:44 - 000482816 _____ () \\?\C:\Users\Franta\AppData\Local\slack\app-3.0.5\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-03-02 20:03 - 2018-03-02 20:03 - 097118296 _____ () C:\Program Files\Opera\51.0.2830.40\opera_browser.dll
2018-03-02 20:03 - 2018-03-02 20:02 - 004438104 _____ () C:\Program Files\Opera\51.0.2830.40\libglesv2.dll
2018-03-02 20:03 - 2018-03-02 20:02 - 000100440 _____ () C:\Program Files\Opera\51.0.2830.40\libegl.dll
2017-11-10 01:21 - 2017-11-10 01:21 - 000975872 _____ () C:\WINDOWS\system32\FaceProcessor.dll
2017-11-10 01:21 - 2017-11-10 01:21 - 000269696 _____ () C:\WINDOWS\system32\FaceProcessorCore.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 001357464 _____ () C:\WINDOWS\system32\FaceTrackerInternal.dll
2011-03-04 12:49 - 2011-03-04 12:49 - 000202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2017-11-18 12:03 - 2017-11-13 21:43 - 016009744 _____ () C:\Users\Franta\AppData\Local\JetBrains\Toolbox\bin\opengl32sw.dll
2018-03-03 16:15 - 2018-03-03 16:15 - 000088064 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\_ctypes.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000069120 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\bz2.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000920064 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\_hashlib.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000098816 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32api.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000110080 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\pywintypes27.dll
2018-03-03 16:15 - 2018-03-03 16:15 - 000364544 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\pythoncom27.dll
2018-03-03 16:15 - 2018-03-03 16:15 - 000686080 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\unicodedata.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000320512 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32com.shell.shell.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 001177088 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\wx._core_.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000806912 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\wx._gdi_.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000816640 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\wx._windows_.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 001067520 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\wx._controls_.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000733696 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\wx._misc_.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000736256 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\pysqlite2._sqlite.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000119808 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32file.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000108544 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32security.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000007168 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\hashobjs_ext.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000017920 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\thumbnails_ext.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000082432 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\usb_ext.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000013824 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\common.time34.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000018432 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32event.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000027648 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\windows.conditional.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000017408 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\windows.winwrap.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000089088 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\windows.volumes.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000167936 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32gui.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000046080 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\_socket.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 001311232 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\_ssl.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000135680 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\_elementtree.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000133632 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\pyexpat.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000038912 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32inet.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000077824 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\wx._html2.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000036864 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\_psutil_windows.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000524248 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\windows._lib_cacheinvalidation.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000010240 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\select.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000011264 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32crypt.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000218624 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\PIL._imaging.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000027648 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\_multiprocessing.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000020480 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\_yappi.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000035840 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32process.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000024064 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32pipe.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000025600 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32pdh.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000059392 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\windows.device_monitor.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000017408 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32profile.pyd
2018-03-03 16:15 - 2018-03-03 16:15 - 000022528 _____ () C:\Users\Franta\AppData\Local\Temp\_MEI114002\win32ts.pyd
2016-12-05 11:58 - 2016-12-05 11:58 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-08-22 01:47 - 2017-08-22 01:47 - 000163840 _____ () C:\Program Files (x86)\GRETECH\GOMPlayer\CrashDumpCollector.dll
2017-08-22 01:47 - 2017-08-22 01:47 - 001193984 _____ () C:\Program Files (x86)\GRETECH\GOMPlayer\libass.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2017-09-23 21:40 - 000000947 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 cms
127.0.0.1 skolapropsy
127.0.0.1 atomic-file.localhost
127.0.0.1 di.localhost
127.0.0.1 ladygong.localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2830779331-3592222151-1840298108-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2830779331-3592222151-1840298108-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Franta\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\584d21f14564b.jpg
DNS Servers: 192.168.15.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-2830779331-3592222151-1840298108-1006\...\StartupApproved\Run: => "Docker for Windows"
HKU\S-1-5-21-2830779331-3592222151-1840298108-1006\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe
FirewallRules: [VIRTCL-WMI-RPCSS-In-TCP-NoScope] => (Allow) $(runtime.system32)\svchost.exe
FirewallRules: [VIRTCL-WMI-WINMGMT-In-TCP-NoScope] => (Allow) $(runtime.system32)\svchost.exe
FirewallRules: [VIRTCL-WMI-WINMGMT-Out-TCP-NoScope] => (Allow) $(runtime.system32)\svchost.exe
FirewallRules: [VIRTCL-WMI-ASYNC-In-TCP-NoScope] => (Allow) $(runtime.system32)\wbem\unsecapp.exe
FirewallRules: [{1BAFB73D-601B-44B8-AEA7-D0452E65C0B0}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{67705E55-AD0B-4510-B275-F9E69007460D}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [UDP Query User{925F2306-3198-4ECF-BAF4-3B250570A474}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.4155.41\jre64\bin\java.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.4155.41\jre64\bin\java.exe
FirewallRules: [TCP Query User{75B635E5-0206-45CF-8460-94B0EEAD6F9A}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.4155.41\jre64\bin\java.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.4155.41\jre64\bin\java.exe
FirewallRules: [UDP Query User{E5E6FC94-CD23-4A8F-95CC-C2DA76F64CE6}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.4155.41\bin\phpstorm64.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.4155.41\bin\phpstorm64.exe
FirewallRules: [TCP Query User{86CABA0F-163C-4AA7-BBBD-39B69AD452F0}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.4155.41\bin\phpstorm64.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.4155.41\bin\phpstorm64.exe
FirewallRules: [UDP Query User{F45D9D8E-3015-45D6-A9E7-0CCA2B3F3D0E}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.4155.25\bin\phpstorm64.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.4155.25\bin\phpstorm64.exe
FirewallRules: [TCP Query User{3A8C0C64-0EF1-455C-8E03-616F87323A76}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.4155.25\bin\phpstorm64.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.4155.25\bin\phpstorm64.exe
FirewallRules: [UDP Query User{CB3F8616-6EB7-40AC-9650-BBB261B772ED}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.3544.41\bin\phpstorm64.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.3544.41\bin\phpstorm64.exe
FirewallRules: [TCP Query User{680827F3-ABB8-4E5A-8E46-EFDB9F4DAEA9}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.3544.41\bin\phpstorm64.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.3544.41\bin\phpstorm64.exe
FirewallRules: [UDP Query User{E108FF0A-0B79-48D1-BEED-992E25B8103E}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.3317.83\bin\phpstorm64.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.3317.83\bin\phpstorm64.exe
FirewallRules: [TCP Query User{5E0FC998-0411-49D5-9472-083FF93CB8E7}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.3317.83\bin\phpstorm64.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\172.3317.83\bin\phpstorm64.exe
FirewallRules: [UDP Query User{F29C1911-BD03-401D-96CB-F4F6AB8FD8D6}C:\program files\docker\docker\resources\vpnkit.exe] => (Allow) C:\program files\docker\docker\resources\vpnkit.exe
FirewallRules: [TCP Query User{0FFD6140-015B-4297-AC08-B8DF9E4ADF55}C:\program files\docker\docker\resources\vpnkit.exe] => (Allow) C:\program files\docker\docker\resources\vpnkit.exe
FirewallRules: [UDP Query User{42AFA93C-8D8F-49B1-B46A-BC68E141D033}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [TCP Query User{88DF84B8-182C-4FD1-87E0-BE935851E4D3}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe
FirewallRules: [UDP Query User{8B382FBA-DDC2-46EA-9856-1F1007B68432}C:\users\sitnefr1\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\171.4694.2\bin\phpstorm64.exe] => (Allow) C:\users\sitnefr1\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\171.4694.2\bin\phpstorm64.exe
FirewallRules: [TCP Query User{404B0C3B-68CF-4F3C-B664-278681C04F59}C:\users\sitnefr1\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\171.4694.2\bin\phpstorm64.exe] => (Allow) C:\users\sitnefr1\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\171.4694.2\bin\phpstorm64.exe
FirewallRules: [UDP Query User{34BD7ECD-5370-405A-997E-E63C38A266BC}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [TCP Query User{18E8B7B7-D17D-47C3-B000-D170CF17ED72}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe
FirewallRules: [UDP Query User{D84B15A6-5691-4CBB-AB39-55AC1677A390}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\171.4694.2\bin\phpstorm64.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\171.4694.2\bin\phpstorm64.exe
FirewallRules: [TCP Query User{0A5F9E0B-7EB3-45A4-A5E1-5B805F10C049}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\171.4694.2\bin\phpstorm64.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\171.4694.2\bin\phpstorm64.exe
FirewallRules: [UDP Query User{C27AB8D1-FCE6-4125-BDB2-D3BFDB23F6B3}C:\users\franta\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\franta\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2805509E-B791-41A8-8A60-A7D53C0C5433}C:\users\franta\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\franta\appdata\roaming\spotify\spotify.exe
FirewallRules: [{18605562-4224-4B58-A6C0-ABD44FEC84EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8DFCD6D9-7D7C-434D-B836-608AA9C561D2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F820A37B-9A56-4B39-80D9-A8311E03DA43}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FF712FBA-1D85-42BE-9DBF-CF84383AF7E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E83EF83-A745-4E65-A69F-0E2893CB0CEC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{3E0FED90-760E-4ED5-BAF1-81C19D2D4BCA}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\173.4127.29\bin\phpstorm64.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\173.4127.29\bin\phpstorm64.exe
FirewallRules: [UDP Query User{B02FD51E-78AF-49B5-B6A7-D3056C22CCBD}C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\173.4127.29\bin\phpstorm64.exe] => (Allow) C:\users\franta\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\173.4127.29\bin\phpstorm64.exe
FirewallRules: [DNS Server Forward Rule - TCP - 3579a54d-9e7e-47a0-891a-c8a54f17d457 - 0] => (Allow) LPort=53
FirewallRules: [DNS Server Forward Rule - UDP - 3579a54d-9e7e-47a0-891a-c8a54f17d457 - 0] => (Allow) LPort=53
FirewallRules: [{58B7F4FB-3B97-4CA9-8506-7E94896A9093}] => (Allow) C:\Program Files\Docker\Docker\Resources\com.docker.proxy.exe
FirewallRules: [{700AF6A6-9223-4415-888B-CB395581E67E}] => (Allow) LPort=445
FirewallRules: [{6ED1EFA2-7329-4CE2-9142-171808B5D2C2}] => (Allow) C:\Program Files\Opera\51.0.2830.34\opera.exe
FirewallRules: [{6480E70C-0A9D-4FBD-9071-DCC069A37BCA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7AAED533-F40D-4D6D-BA09-F703F4DCE78C}] => (Allow) C:\Program Files\Opera\51.0.2830.40\opera.exe

==================== Restore Points =========================

14-02-2018 17:57:23 Windows Update
24-02-2018 13:24:06 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows #2
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/25/2018 05:49:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GOM.exe, verze: 2.3.19.5276, časové razítko: 0x599f9574
Název chybujícího modulu: avformat-gp-57.dll, verze: 57.41.100.0, časové razítko: 0x58f425f7
Kód výjimky: 0xc0000005
Posun chyby: 0x0007055e
ID chybujícího procesu: 0x740
Čas spuštění chybující aplikace: 0x01d3ae5883154c29
Cesta k chybující aplikaci: C:\Program Files (x86)\GRETECH\GOMPlayer\GOM.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\GRETECH\GOMPlayer\avformat-gp-57.dll
ID zprávy: e8e5f9a3-8a7f-4518-8afc-4815458c5bfe
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/25/2018 05:09:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe se nezdařilo. Chyba v souboru manifestu nebo zásad  na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_15ced204935f55d7.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd.manifest.

Error: (02/24/2018 11:26:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7750

Error: (02/24/2018 11:26:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7750

Error: (02/24/2018 11:26:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/24/2018 11:26:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6157

Error: (02/24/2018 11:26:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6157

Error: (02/24/2018 11:26:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/03/2018 04:49:57 PM) (Source: DCOM) (EventID: 10016) (User: DEVEL-80-NTB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DEVEL-80-NTB\Franta (SID: S-1-5-21-2830779331-3592222151-1840298108-1006) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2018 04:37:04 PM) (Source: DCOM) (EventID: 10016) (User: DEVEL-80-NTB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DEVEL-80-NTB\Franta (SID: S-1-5-21-2830779331-3592222151-1840298108-1006) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2018 04:30:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2018 04:24:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2018 04:18:23 PM) (Source: DCOM) (EventID: 10016) (User: DEVEL-80-NTB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DEVEL-80-NTB\Franta (SID: S-1-5-21-2830779331-3592222151-1840298108-1006) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2018 04:15:28 PM) (Source: DCOM) (EventID: 10016) (User: DEVEL-80-NTB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DEVEL-80-NTB\Franta (SID: S-1-5-21-2830779331-3592222151-1840298108-1006) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2018 04:15:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/03/2018 04:15:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2018-03-03 16:20:30.743
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-03 16:20:30.739
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-03 16:20:17.620
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-03 16:20:17.618
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-03 16:18:03.776
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-03 16:18:03.772
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-03 16:18:01.131
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-03 16:18:01.124
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 48%
Total physical RAM: 8071.21 MB
Available physical RAM: 4156.04 MB
Total Virtual: 10375.21 MB
Available Virtual: 5588.74 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:220.27 GB) (Free:131.54 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:16.76 GB) (Free:2.19 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:931.51 GB) (Free:633.63 GB) NTFS

\\?\Volume{44a2a04a-7c13-4108-a850-164f8d016fb8}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.29 GB) FAT32
\\?\Volume{293a8281-5ec9-40f1-a0a0-c901fcf8f2b3}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.44 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3F64CE29)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E2FCCAD8)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================