Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by derka (19-06-2018 14:44:14)
Running from C:\Users\derka\Desktop
Windows 10 Home Version 1803 17134.112 (X64) (2018-05-26 19:50:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1290545401-1897960774-3637104337-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1290545401-1897960774-3637104337-503 - Limited - Disabled)
derka (S-1-5-21-1290545401-1897960774-3637104337-1001 - Administrator - Enabled) => C:\Users\derka
Guest (S-1-5-21-1290545401-1897960774-3637104337-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1290545401-1897960774-3637104337-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . (HKLM\...\{E5B0E5D9-9D25-4B2B-A7D9-8CA0F9E0DD89}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{CE33BF2E-5D59-44DF-8610-59BB289396C6}) (Version: 3.3.1.3 - Intel) Hidden
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D1844DC3-B378-47CC-AB40-7FC16C79A2CD}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
DiagnosticsHub_CollectionService (HKLM\...\{0CB7B447-4937-4945-B8C0-807A77B830D5}) (Version: 15.7.27520 - Microsoft Corporation) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.93 - NVIDIA Corporation) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{82C288CC-A96D-43E3-9119-944DABF5DD61}) (Version: 0.8.0.74 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
Entity Framework 6.2.0 Tools  for Visual Studio 2017 (HKLM-x32\...\{D58F95D9-65E0-4057-9008-1226B3516B76}) (Version: 6.2.61529.0 - Microsoft Corporation) Hidden
icecap_collection_neutral (HKLM-x32\...\{12C1EC05-F936-4A80-821E-7AAC64C4E6FF}) (Version: 15.6.27413 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{C8E22DF4-5498-4B61-93CF-3081BE95A1BA}) (Version: 15.6.27413 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{759A8513-794A-4471-8637-A851E23EBFA0}) (Version: 15.6.27406 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{C2D5D2FA-4FAA-4F90-85C5-BAEB203F83F4}) (Version: 15.6.27406 - Microsoft Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{F6B5BD59-21F0-47F8-A6C6-63BAEB1A6569}) (Version: 2.1.03720 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{4ef0c07c-1ede-4d1c-a593-83184455832b}) (Version: 3.3.1.3 - Intel)
IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden
Kaspersky Free (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.8431.2250 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1290545401-1897960774-3637104337-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 (HKLM\...\{EE99006A-F227-41BA-884C-C3AF9642D95A}) (Version: 14.0.3006.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 (HKLM-x32\...\{FBD0D997-4E36-4B10-8471-BD7CF42ECE7F}) (Version: 14.0.3006.16 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.16.1247.518 - Microsoft Corporation)
Mozilla Firefox 60.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 60.0.2 (x64 cs)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.1 - Mozilla)
NVIDIA Ovladače grafiky 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.93 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 397.93 - NVIDIA Corporation) Hidden
SDÍLEJ.CZ Manager (HKU\S-1-5-21-1290545401-1897960774-3637104337-1001\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
Spotify (HKU\S-1-5-21-1290545401-1897960774-3637104337-1001\...\Spotify) (Version: 1.0.83.318.g6c07039d - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.9 - TeamSpeak Systems GmbH)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{E1940917-E876-47AC-9551-CE42167D35B0}) (Version: 14.14.26405 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\09c7e8c7) (Version: 15.7.27703.2026 - Microsoft Corporation)
VS Immersive Activate Helper (HKLM-x32\...\{10948144-16FC-42B6-8DEA-5AC2428278DF}) (Version: 16.0.94.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4D42BCAC-81DD-4450-8BDC-7FCC4C975D2F}) (Version: 16.0.94.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{5DFEB1ED-29B8-44F0-8615-DE758242B0E2}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{226CCDB6-96F9-4DE6-9CCC-DB49D0A0A971}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{B6600254-A9D1-4265-826B-28B0E28C1F37}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{EF15DAFE-8E43-48E6-AE94-CBA196675318}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9B1DD088-CF09-46A1-8B42-18D231B19E39}) (Version: 15.7.27604 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{F5BCAD30-D22C-4B08-A581-1EBE3A35C6B1}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{B8B65A93-F72B-42C2-AE1A-FF440B44BB67}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2018-05-26] (AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2018-05-26] (AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2018-05-26] (AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_12cbd645391cbdcb\igfxDTCM.dll [2017-04-28] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-05-22] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2018-05-26] (AO Kaspersky Lab)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {273232A2-6F08-4BB6-84FE-D7C7894E1542} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-23] (NVIDIA Corporation)
Task: {5546241F-8D96-46DB-9ADB-6DE8D1229FE4} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6D0A79C7-0741-437D-A19F-12830B605078} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation)
Task: {79957345-8A82-4008-BD07-3AB14135C32D} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation)
Task: {8561CA84-4532-4DF6-B020-8CA88DC33DCC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {8B97BDB5-4B53-485B-9F69-495FCE20F057} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-23] (NVIDIA Corporation)
Task: {93541B87-C8A0-4DDD-B000-AB5BB71D535E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-27] (Microsoft Corporation)
Task: {9607074C-831B-462D-8232-41FA245621C0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {98C5D5F3-C034-4B5A-9D8B-2C1DFFFA0CEC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-27] (Microsoft Corporation)
Task: {9B3A16F9-8AD3-4A79-8054-2EFD4764166A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-06-05] (Microsoft Corporation)
Task: {9C430CE2-8D34-4BFF-AADF-48D26C454EDF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-23] (NVIDIA Corporation)
Task: {B7980B12-D44B-4070-885A-2F15B935A70E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-05] ()
Task: {E675802D-383C-4A38-BAA7-05890268E0F0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {E795BA43-CD81-44AE-A857-5319154FCDBA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-23] (NVIDIA Corporation)
Task: {F26036A4-58E3-4EF0-B468-9B3DADB70C93} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-06-05] (Microsoft Corporation)
Task: {F6DA8D1A-3B27-4B7D-B8C7-31815838F6F1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-05] ()
Task: {FB1B421F-796B-442A-BADD-D2606A231DFB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-06 20:54 - 2018-04-06 20:54 - 000185064 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-06-05 19:12 - 2018-06-05 19:12 - 008929480 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-13 20:44 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-26 22:31 - 2018-05-26 22:33 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-26 22:31 - 2018-05-26 22:33 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-26 22:31 - 2018-05-26 22:33 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-26 22:31 - 2018-05-26 22:33 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-26 22:31 - 2018-05-26 22:33 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-06-01 19:35 - 2018-06-01 19:36 - 027118080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-05-26 22:27 - 2018-05-26 22:28 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-05-26 22:27 - 2018-05-26 22:28 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-04-12 17:54 - 2018-04-12 17:54 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-26 22:27 - 2018-05-26 22:28 - 009358848 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-05-26 22:13 - 2010-10-26 12:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2018-04-06 20:54 - 2018-04-06 20:54 - 000885992 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
2018-04-06 20:54 - 2018-04-06 20:54 - 002309864 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_modeler.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000270056 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\pl_agent_lib.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000260328 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_acpi_battery_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000306920 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_wifi_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000231144 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\devices_use_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000277736 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_system_power_state_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000638696 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_os_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000212200 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_winstat_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000453352 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_upnp_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000375528 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_process_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000609512 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_hw_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000248040 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sgx_input.dll
2018-04-06 20:55 - 2018-04-06 20:55 - 000708328 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\sql_logger.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000818408 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
2018-04-06 20:54 - 2018-04-06 20:54 - 000214760 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\foreground_window_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000279272 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_user_waiting_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000207080 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_events_input.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1290545401-1897960774-3637104337-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\derka\Desktop\schoolboy-q-5605b437a9565.jpg
DNS Servers: 10.26.0.2 - 10.26.0.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "DAX2_APP"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKU\S-1-5-21-1290545401-1897960774-3637104337-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1290545401-1897960774-3637104337-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1290545401-1897960774-3637104337-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1290545401-1897960774-3637104337-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EB555A23-FD8C-4ECB-ADA1-52B18CA46FFB}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{18FFEA5B-47B5-4607-8EC2-B60382FDF31F}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{E9FFF460-6F9B-4D1E-B7AE-3E9682417B70}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{0DFFD164-C5AC-4002-B89F-6E1D6AA4BE80}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{3C477EDA-F723-4829-9F13-BC679F559A41}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{42E92C9C-DB84-4C60-A874-AAFEF0E711BA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{38EFE7E3-D3FB-4627-A41F-92CEFC1716FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{798F8893-771B-4649-B8B3-953852355C6E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E6059ED4-6573-4FEE-A18F-9D27F6E213A4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D3563732-FD1F-412B-BD3E-FA66E2EC5B07}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6B940A89-5CA7-4BC1-ACFE-37B516331824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3FA43E84-AFA2-4F59-855A-D2511D7BB08E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{AD364BB4-2F26-4E32-ADDC-F87AE57D3637}C:\users\derka\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\derka\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B3AA068F-E4BE-4B2A-9DDF-FCB907C30980}C:\users\derka\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\derka\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6D307D93-40DD-45D3-9D3F-EED5CA76E47E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{AE213BDD-83CC-45F2-9700-6CD67F62107F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{43DC5A1F-C11E-4797-8404-CD832D0C4D10}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{63C34C07-EF2E-4DC0-A8D7-5B6DEAB63652}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E5931E51-FC3A-4AF7-A9E9-2A489D2E67F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

==================== Restore Points =========================

07-06-2018 20:52:39 Windows Update
13-06-2018 20:35:12 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2018 04:24:50 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (06/17/2018 02:47:26 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-5GIGPVQ)
Description: httphttp-2147467263

Error: (06/17/2018 02:10:52 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-5GIGPVQ)
Description: httphttp-2147467263

Error: (06/17/2018 01:01:37 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-5GIGPVQ)
Description: httphttp-2147467263

Error: (06/17/2018 12:24:44 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-5GIGPVQ)
Description: httphttp-2147467263

Error: (06/15/2018 09:12:26 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-5GIGPVQ)
Description: httphttp-2147467263

Error: (06/15/2018 04:15:35 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (06/12/2018 05:40:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2018.18041.15530.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 25dc

Čas spuštění: 01d4026193c45f27

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 50913362-c435-47be-8be5-428517db044d

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: App


System errors:
=============
Error: (06/19/2018 02:18:43 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Služba SAService ohlásila neplatný současný stav 14.

Error: (06/19/2018 02:14:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/19/2018 02:11:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/18/2018 08:30:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5GIGPVQ)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-5GIGPVQ\derka (SID: S-1-5-21-1290545401-1897960774-3637104337-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/18/2018 07:25:09 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5GIGPVQ)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-5GIGPVQ\derka (SID: S-1-5-21-1290545401-1897960774-3637104337-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/18/2018 05:01:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/18/2018 04:29:56 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5GIGPVQ)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-5GIGPVQ\derka (SID: S-1-5-21-1290545401-1897960774-3637104337-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/18/2018 04:24:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-06-03 21:32:07.871
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C3806EEA-5C09-46B5-B1C2-9ABFD48CD3A0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-06-03 15:09:29.345
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9851C852-C491-4076-8BC0-93A4D4427BF0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-06-03 12:22:00.625
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {232FC733-7CB3-4717-A981-315F9CD8E27F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-06-03 12:15:11.848
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {460FF57A-EEF2-4C66-B353-0824ED261D06}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-06-02 23:00:17.013
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F1566A12-FB1A-4DA2-8435-7A2779DD7F9E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-06-04 21:27:52.619
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.269.565.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14901.4
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

CodeIntegrity:
===================================

Date: 2018-05-26 23:17:07.567
Description: 
Windows blocked file \Device\HarddiskVolume4\Windows\SysWOW64\scrobj.dll which has been disallowed for protected processes.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-6100U CPU @ 2.30GHz
Percentage of memory in use: 45%
Total physical RAM: 4001.91 MB
Available physical RAM: 2175.71 MB
Total Virtual: 6433.91 MB
Available Virtual: 4007.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:835.76 GB) NTFS

\\?\Volume{065ae3d7-42f2-435a-a639-92034d643dba}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS
\\?\Volume{a052a7c1-def5-435c-b977-04f053efd148}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DE3B44E7)

Partition: GPT.

==================== End of Addition.txt ============================