﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by Maria (16-06-2018 17:40:36)
Running from C:\Users\Maria\Downloads
Windows 10 Home Version 1709 16299.431 (X64) (2018-01-18 08:16:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3246118054-929306184-4054736642-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3246118054-929306184-4054736642-503 - Limited - Disabled)
Guest (S-1-5-21-3246118054-929306184-4054736642-501 - Limited - Disabled)
Maria (S-1-5-21-3246118054-929306184-4054736642-1001 - Administrator - Enabled) => C:\Users\Maria
WDAGUtilityAccount (S-1-5-21-3246118054-929306184-4054736642-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.55 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4210 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3246118054-929306184-4054736642-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 60.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 60.0.2 (x86 cs)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.1.6710 - Mozilla)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
Nero Prerequisite Installer 6.0 (HKLM-x32\...\{E5BAA2DF-F586-4319-BF9B-30AA50AD6B5D}) (Version: 18.0.00100 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{8EBCCD6B-CDE8-4070-80BC-8A3109C6944B}) (Version: 14.0.00300 - Nero AG)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0010 - Nero AG) Hidden
Prerequisite installer (HKLM-x32\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1F3E59DD-7DCE-4103-9528-57DA43134312}) (Version: 2.9.0.0 - Microsoft Corporation)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-14] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-14] (AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (Cyberlink)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (Lenovo)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-14] (AVAST Software)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-14] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {029AAC87-C4EC-419D-81C3-B83812D53B1A} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {0711640E-86D9-41A1-8D0C-DE244C06F508} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-12] (Piriform Ltd)
Task: {12E87CE3-5826-49DA-A65F-143476ECFF9B} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {132D1A01-38A8-4518-BEBE-399895CAB803} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\131241da-fa0e-401b-b2a8-5aa5cb394716 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-04-24] (Lenovo Group Limited)
Task: {14D05304-36A9-471C-B875-D59F9D74EA60} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {15901B89-4604-46DB-B786-1EB9378DF7A8} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {26BBEFB3-6014-401A-A17C-BBA0C6E1C3C4} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {38802B4F-3FC2-4EEE-80F8-284499BFDCA3} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {4A859038-7A8D-4E70-8CF4-FF1C529F1A00} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-08] (Adobe Systems Incorporated)
Task: {5812654C-6CA7-4CCA-B374-1B288F165DE5} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {5AD0899A-4E28-48DD-9654-AF6CFBDEDA49} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-08] (Adobe Systems Incorporated)
Task: {5FE31A7F-04CD-4AD2-B78E-4D720188388C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ee9c5275-e1c7-4fb5-8f39-95511d879d30 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-04-24] (Lenovo Group Limited)
Task: {67A8354A-4A35-4B12-B7BC-BF2B25CDE077} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2016-09-22] (CyberLink Corp.)
Task: {6A786068-9EF7-44D2-8123-C914859CC7D5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {72FDA8D8-9A51-4375-884F-0978310C459D} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {73DAB39C-3F0D-491F-8614-592AEC9C302C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-10] (AVAST Software)
Task: {761B8976-A7BC-460F-B397-DDCDF4EEA2AF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\51746b21-d56e-47d6-a9c9-08fb26df3926 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-04-24] (Lenovo Group Limited)
Task: {7D224AE8-36F1-4A6A-A03C-CC31D0370B3A} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {8AC57825-15E1-49BB-92EC-9FF3F669A715} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6951defb-f8b2-4dff-a143-8eb60a4a848e => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-04-24] (Lenovo Group Limited)
Task: {91C22E27-5501-4A4C-9AE8-B9D61475110A} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2018-04-24] (Lenovo Group Limited)
Task: {9B51FF87-AB17-4E61-9AC7-76C635C8F5B5} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {A705D94D-0E8A-4B9E-9107-EB754B7D2816} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-27] (Google Inc.)
Task: {A8622492-932F-4776-B259-FEFDE229F847} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {A955948E-8823-40CE-9701-D79AC9052F0B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-04-12] (Piriform Ltd)
Task: {ADE99464-310D-404E-A214-9B0688E87421} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe [2018-05-04] (Microsoft Corporation)
Task: {BB169418-CE89-4A95-AC55-DF6616204085} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {C84B8F10-2B55-431C-BD59-A0F456135A6A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CC663DF6-9E50-4767-A50F-6B13BD7B104A} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-28] (CyberLink Corp.)
Task: {CE854706-F690-4B1F-845F-D90F548C6DB0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-27] (Google Inc.)
Task: {CFFAF529-ED5D-433D-815E-FE9994975289} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-07-14] (Lenovo)
Task: {EFFCBC6F-03DB-4D4D-AE8C-C2B1B2B24962} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-14] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-02-26 19:12 - 2015-02-26 19:12 - 000330240 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-20 17:42 - 2017-10-20 17:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-03-14 17:25 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 17:24 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-11 15:41 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2018-01-16 22:29 - 2018-01-16 22:29 - 003657624 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2018-01-16 22:29 - 2018-01-16 22:29 - 002470296 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2017-01-30 11:07 - 2016-09-22 08:24 - 000884504 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\Kernel\Boomerang\UNO.dll
2017-01-30 10:10 - 2016-09-22 08:11 - 000081920 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2015-09-11 14:33 - 2014-07-04 06:35 - 000627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2014-07-04 21:35 - 2014-07-04 21:35 - 000016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2018-04-16 12:29 - 2018-04-16 12:29 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-14 09:04 - 2018-05-14 09:04 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:9341E0C6 [310]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3246118054-929306184-4054736642-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-3246118054-929306184-4054736642-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A3D46FB9-852E-4A8A-A56F-02D4C3462271}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0CF948F9-4E05-4AB4-9D58-DB14D386465C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5CEEE0B4-3CA3-45A5-9487-A30EAD70E754}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{1BDEF2E0-0FAB-40AA-9CB7-B0385FA94796}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{91A4E0D6-0B9E-4080-9B28-6401737405E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

19-05-2018 14:41:20 Windows Update
03-06-2018 17:35:42 Scheduled Checkpoint
08-06-2018 11:02:10 Windows Update
11-06-2018 16:54:30 Windows Update
16-06-2018 10:16:26 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/16/2018 10:16:54 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/14/2018 06:38:53 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-R9VPC3C3$ přes https://INTC-KeyId-0fa7b495048126120e12731606776f3d68a037c0.microsoftaik.azure.net/templates/Aik/scep se nepovedla:

GetCACertChainDone
GetCACaps: OK
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Thu, 14 Jun 2018 16:38:15 GMT
Pragma: no-cache
Content-Length: 89
Content-Type: text/plain
Expires: -1
Server: Microsoft-IIS/10.0
x-ms-request-id: 79a809be-cdce-48e1-bcf5-5a3cec310cc6
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET

Metoda: POST(70656ms)
Fáze: GetCACertChainDone
The operation timed out 0x80072ee2 (WinHttp: 12002 ERROR_WINHTTP_TIMEOUT)

Error: (06/14/2018 06:32:40 PM) (Source: CertEnroll) (EventID: 87) (User: NT AUTHORITY)
Description: Registrace certifikátu SCEP pro WORKGROUP\LAPTOP-R9VPC3C3$ přes https://INTC-KeyId-0fa7b495048126120e12731606776f3d68a037c0.microsoftaik.azure.net/templates/Aik/scep se nepovedla:

SubmitDone
GetCACertChain: OK
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Thu, 14 Jun 2018 16:31:37 GMT
Pragma: no-cache
Content-Length: 5164
Content-Type: application/x-x509-ca-ra-cert
Expires: -1
Server: Microsoft-IIS/10.0
x-ms-request-id: 9c9a6b7b-8160-4d2b-821c-09d464b17ca9
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET

Metoda: POST(136812ms)
Fáze: SubmitDone
The operation timed out 0x80072ee2 (WinHttp: 12002 ERROR_WINHTTP_TIMEOUT)

Error: (06/13/2018 04:12:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.16299.334 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1550

Čas spuštění: 01d4031fa3aca65e

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

ID hlášení: 209b640e-a8f6-4aa9-8832-6a7f4ab820b7

Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.16299.402_neutral_neutral_cw5n1h2txyewy

ID aplikace související s balíčkem s chybou: App

Error: (06/13/2018 04:11:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LAPTOP-R9VPC3C3)
Description: Balíček Microsoft.Windows.ShellExperienceHost_10.0.16299.402_neutral_neutral_cw5n1h2txyewy+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (06/11/2018 04:54:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/11/2018 04:36:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LAPTOP-R9VPC3C3)
Description: Balíček Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (06/11/2018 03:31:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Taskmgr.exe verze 10.0.16299.248 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2088

Čas spuštění: 01d40188511524a4

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\Taskmgr.exe

ID hlášení: 7b625357-3086-441e-9ffb-7c3b7ccb9804

Úplný název balíčku s chybou: 

ID aplikace související s balíčkem s chybou:


System errors:
=============
Error: (06/16/2018 05:15:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/16/2018 05:06:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/16/2018 05:02:36 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-R9VPC3C3)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 a APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 uživateli LAPTOP-R9VPC3C3\Maria (SID: S-1-5-21-3246118054-929306184-4054736642-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/16/2018 05:00:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/16/2018 05:00:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/16/2018 05:00:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/16/2018 05:00:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/16/2018 10:22:51 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Percentage of memory in use: 67%
Total physical RAM: 1960.27 MB
Available physical RAM: 646.86 MB
Total Virtual: 4648.27 MB
Available Virtual: 2608.78 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:419.48 GB) (Free:363.43 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.03 GB) NTFS
Drive f: (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

\\?\Volume{ad0394ff-2401-4fbb-9550-d978b7d77c50}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.53 GB) NTFS
\\?\Volume{f1ba52ea-ee33-4ec2-9e0a-1a1cff43302c}\ (LENOVO_PART) (Fixed) (Total:19.05 GB) (Free:5.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 51CE203D)

Partition: GPT.

==================== End of Addition.txt ============================