Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
Ran by Martin (07-10-2019 19:02:05)
Running from C:\Users\Martin\Desktop
Windows 10 Home Version 1809 17763.615 (X64) (2019-01-13 15:39:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1300877549-1184033115-3997360293-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1300877549-1184033115-3997360293-503 - Limited - Disabled)
Guest (S-1-5-21-1300877549-1184033115-3997360293-501 - Limited - Disabled)
Martin (S-1-5-21-1300877549-1184033115-3997360293-1001 - Administrator - Enabled) => C:\Users\Martin
WDAGUtilityAccount (S-1-5-21-1300877549-1184033115-3997360293-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam)
Alcor Micro USB Card Reader (HKLM-x32\...\{40368379-1065-46D0-BD0E-39D07260F69D}) (Version: 3.12.3042.71515 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.12.3042.71515 - Alcor Micro Corp.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avira (HKLM-x32\...\{07641669-3466-4C2E-BA95-256AEA825533}) (Version: 1.2.134.23796 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{b7f9e12f-ca78-4964-9ffc-54acebd17675}) (Version: 1.2.134.23796 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.1909.1591 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.21.2.30481 - Avira Operations GmbH & Co. KG)
Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.0.0.1904 - Avira Operations GmbH & Co. KG)
Avira Safe Shopping (HKLM-x32\...\{7EB58250-F316-40E3-B07E-6CB6ED714120}) (Version: 1.1.43.3959 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{9A748448-7435-49AD-B175-087292C52A2E}) (Version: 2.0.6.17105 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.2.0.10728 - Avira Operations GmbH & Co. KG)
Balíček ovladače systému Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
BatteryCare 0.9.33.0 (HKLM-x32\...\{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1) (Version: 0.9.33.0 - Filipe Lourenço)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.151 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7035 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
eM Client (HKLM-x32\...\{7C1F6E39-9902-477C-87CD-184D0D95639E}) (Version: 7.2.35595.0 - eM Client Inc.)
Fedora Project - Fedora Media Writer - Tool to write Fedora images to flash drives (HKLM-x32\...\Fedora Media Writer) (Version: "${VERSIONMAJOR}.${VERSIONMINOR}.${VERSIONBUILD}" - "Fedora Project")
Free Editor (HKLM\...\{1BF14E04-85DE-480C-9A04-EB36744C66B4}_is1) (Version: 1.0 - Blue Labs, LLC)
Free Sound Recorder v10.8.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version:  - Copyright(C) 2005-2016 FreeSoundRecorder Technologies, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.300 - )
HWiNFO32 Version 5.20 (HKLM-x32\...\HWiNFO32_is1) (Version: 5.20 - Martin Malík - REALiX)
HWiNFO64 Version 6.00 (HKLM\...\HWiNFO64_is1) (Version: 6.00 - Martin Malík - REALiX)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
InternetFax (HKLM-x32\...\InternetFax_is1) (Version:  - FAX.cz)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.11 - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7000 - Broadcom Corporation)
Lenovo HID HW Radio Driver 1.0.0.58 (HKLM\...\{E5325F32-D15A-4131-B029-4A5B7609E532}_is1) (Version: 1.0.0.58 - Lenovo)
Lenovo Multimedia and Communications Core Runtime (HKLM\...\{033DC0E0-DA89-4C33-B66C-89B64D312CD1}_is1) (Version: 5.0.13.94 - Lenovo Corporation)
Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility (HKLM-x32\...\{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{49A09C2C-FFF4-478E-B397-5E0979F67F5D}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lenovo Settings - Location Awareness (HKLM-x32\...\{C79D4402-E622-4922-9C02-89F9080BF081}_is1) (Version: 1.4.0.5 - Lenovo Group Limited)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.6 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 2.3.0.85 - Lenovo)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.3.7 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0405-0000-0000000FF1CE}) (Version: 12.0.6334.5000 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MoboPlay for Android (HKLM-x32\...\aMoboPlay) (Version: 3.0.6.339 - Xianzhi)
MoboPlay for iOS (HKLM-x32\...\iMoboPlay) (Version: 3.0.6.339 - Xianzhi)
Mozilla Firefox 66.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.2 (x64 cs)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.2.7024 - Mozilla)
MPC-HC 1.7.6 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.6 - MPC-HC Team)
MSVC80_x64 (HKLM\...\{68660049-8D48-427C-9FF7-139D8340CDC0}) (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (HKLM-x32\...\{212748BB-0DA5-46DE-82A1-403736DC9F27}) (Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice 4.1.3 Language Pack (Czech) (HKLM-x32\...\{965F2DCB-5A4D-4015-A080-BE75479F871E}) (Version: 4.13.9783 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}) (Version: 8.47.7.0 - Nokia)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 2.1.1.0 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7680 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype verze 8.32 (HKLM-x32\...\Skype_is1) (Version: 8.32 - Skype Technologies S.A.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.88438 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 9.0a - Ghisler Software GmbH)
Ulož.to File Manager version 1.6 (HKLM-x32\...\{8190420D-F4BA-4744-8940-A466F81AF89C}_is1) (Version: 1.6 - Nodus Technologies s.r.o.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WhatsApp (HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\WhatsApp) (Version: 0.3.2386 - WhatsApp)
Windows Driver Package - Intel Corporation (iaStorA) HDC  (11/19/2012 11.7.0.1013) (HKLM\...\D1AAAA88A17BD0C40261ADD70E15166BF4D1C076) (Version: 11/19/2012 11.7.0.1013 - Intel Corporation)
Windows Driver Package - Lenovo 1.67.00.02 (04/17/2013 1.67.00.02) (HKLM\...\907DA143458FE258EFEB416B946DE8DF2B87A0BA) (Version: 04/17/2013 1.67.00.02 - Lenovo)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Word Editor ( Try ) (HKLM-x32\...\Word Editor ( Try )) (Version:  - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.9 - ZONER software)

Packages:
=========
Duolingo - Výuka jazyků zdarma -> C:\Program Files\WindowsApps\D5EA27B7.Duolingo-LearnLanguagesforFree_2017.112.1.0_x64__yx6k7tf7xvsea [2017-05-21] (Duolingo Inc.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-09-30] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2019-03-27] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-28] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-05] (Microsoft Corporation) [MS Ad]
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2016-03-06] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll [2014-08-25] (AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-10-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:/Program Files (x86)/Avira/System Speedup/Avira.SystemSpeedup.UI.ShellExtension.DLL [2019-08-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-05-08] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-05-08] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll [2014-08-25] (AIMP DevTeam) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:/Program Files (x86)/Avira/System Speedup/Avira.SystemSpeedup.UI.ShellExtension.DLL [2019-08-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:/Program Files (x86)/Avira/System Speedup/Avira.SystemSpeedup.UI.ShellExtension.DLL [2019-08-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-10-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-05-08] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-05-08] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro

==================== Loaded Modules (Whitelisted) ==============

2014-08-25 14:08 - 2014-08-25 14:08 - 000590848 _____ (AIMP DevTeam) [File not signed] C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll
2018-10-19 16:50 - 2018-04-30 14:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2014-06-21 21:08 - 2009-05-27 22:59 - 000057856 _____ (OpenLibSys.org) [File not signed] C:\Program Files (x86)\BatteryCare\WinRing0x64.dll
2019-09-21 12:07 - 2019-09-21 12:07 - 000880128 _____ (ServiceStack) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\6ff710b5e2b7788236a72ef2f85ed60c\ServiceStack.Text.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\arcelormittal.net -> hxxps://access.arcelormittal.net

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-04-28 21:16 - 000000035 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;;C:\PROGRAM FILES (X86)\INTEL\ICLS CLIENT\;C:\PROGRAM FILES\INTEL\ICLS CLIENT\;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL;C:\PROGRAM FILES\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\IPT;C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL;C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\IPT;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAMDATA\LENOVO\READYAPPS;C:\Program Files\Lenovo\Bluetooth Software\;C:\Program Files\Lenovo\Bluetooth Software\syswow64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Samsung\Samsung PC Studio 3\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 10.0.20.1 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: Themes => 2
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "$McRebootA5E6DEAA56$.lnk"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "LnvMobHotspotClient"
HKLM\...\StartupApproved\Run: => "AmIcoSinglun64"
HKLM\...\StartupApproved\Run: => "StartW8Button"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "S60 PC Suite Tray"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "Appset Update"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "MSIDLL"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64"
HKU\S-1-5-21-1300877549-1184033115-3997360293-1001\...\StartupApproved\Run: => "OneDriveSetup"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D313C5B0-DB78-4ACC-BB16-90CD8C16929F}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{3E8566F6-7B4B-407F-B622-ACB1577E2897}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [TCP Query User{8E1D3839-A994-4BE2-A4C6-D44CAE6DB277}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [{C65EA4BA-8C93-4087-98B0-73DA19658DD4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A44563C-D79F-47E2-A704-F7119E69BEE5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{77D4CACF-D2A1-4DBE-BDA6-5189944B5840}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F27D60B5-2230-4C32-A0DB-AFDFAC71FF00}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{AA38B57E-2825-4441-ADE7-FDD6193C32BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{76F7CBBA-E5D1-438D-AC5A-CD3A1D4C1CD5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{45CB463A-9D8A-4B2C-9065-8AE0AABF4036}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8C3FD3B2-EAF7-429A-90E2-FC82CECF7B57}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{62A5EFCF-C7BC-409D-B1DF-1E817AACA7BA}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [UDP Query User{8B5E8BE8-3B6D-4C30-8E0B-B96154D7CCA1}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Block) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [TCP Query User{4D2DC002-D045-47BE-9AF7-AC2403D5FD03}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Block) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{77443FEE-E324-4E02-80FD-2051316D2C9D}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [TCP Query User{F3EE39A1-4D85-4F2D-A0CE-5A98453B3A21}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [{7103A5A9-2632-4B8B-B64E-3B352E38FEBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FCC40BD3-3F00-499A-979A-51C327AECC6A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{616D7E22-F686-4081-A05F-DADE46CD8324}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceProxy.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{BB55D8C2-1300-4744-AA75-4DFCD1F41934}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceProxy.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{960AB947-75E3-4B21-B530-B6E42C3AF432}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceProxy.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{C743E44B-12C7-45FA-8894-6C13ACE0ACC1}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceProxy.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{901C89B0-1266-4B4F-8DEF-EB87FB5AB323}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceProxy.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{F1BD7C84-1F2D-40BB-BC06-E319D7D4626E}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceProxy.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{4ED113FA-8DD9-4DD4-B141-5E8ACDF1303A}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceService.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{53983918-007E-4A94-904D-4B9A654806C2}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceService.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{0F743C22-759C-4EB3-87A3-0B9E02F49783}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceService.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{E2F2CE3E-92B7-44C5-BE58-6A9EBF6EA3FA}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceService.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{C5E6E87F-DC49-4A92-A528-A0172195F72B}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceService.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{2E54A9DA-68C9-4489-9B66-6644F0FAC6D6}] => (Allow) C:\Program Files (x86)\Xianzhi\Service\XianzhiDeviceService.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{20661F05-4DEF-468C-B8AA-136E652ED31E}] => (Allow) C:\Program Files (x86)\Xianzhi\aMoboPlay\aMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{55294278-9E56-4B96-B569-54604D3DE2D7}] => (Allow) C:\Program Files (x86)\Xianzhi\aMoboPlay\aMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{9AB37C7E-DD7F-4FA9-8ECF-C618828A303F}] => (Allow) C:\Program Files (x86)\Xianzhi\aMoboPlay\aMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{07435C5B-53E5-4018-885B-41CE695D667C}] => (Allow) C:\Program Files (x86)\Xianzhi\aMoboPlay\aMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{B536619B-6A68-4708-9343-6857A5372D94}] => (Allow) C:\Program Files (x86)\Xianzhi\aMoboPlay\aMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{A141D082-F73B-484A-A73F-41B10B4FD6B9}] => (Allow) C:\Program Files (x86)\Xianzhi\aMoboPlay\aMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{C8B5D8FB-3D5B-4562-A00E-78BAD219A9A0}] => (Allow) C:\Program Files (x86)\ExtendRes\ExtendRes.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> )
FirewallRules: [{1640E60D-7366-42DE-B30E-0CC670305230}] => (Allow) C:\Program Files (x86)\ExtendRes\ExtendRes.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> )
FirewallRules: [{65186369-4A0F-4740-B48E-DC105F9061EA}] => (Allow) C:\Program Files (x86)\ExtendRes\ExtendRes.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> )
FirewallRules: [{EB2477BA-6D20-4BAB-A4CA-6FB032C7AFD8}] => (Allow) C:\Program Files (x86)\ExtendRes\ExtendRes.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> )
FirewallRules: [{7987C0B4-F84C-414F-9A7C-8A5D849B6E31}] => (Allow) C:\Program Files (x86)\ExtendRes\ExtendRes.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> )
FirewallRules: [{29EC4F9C-76BF-4B3C-8284-E8F9F889F20F}] => (Allow) C:\Program Files (x86)\ExtendRes\ExtendRes.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> )
FirewallRules: [{1DB27F35-3B90-492D-B324-636E35EBD680}] => (Allow) C:\Program Files (x86)\Xianzhi\iMoboPlay\iMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{5404A623-B305-4CEF-BF3E-0991CB59B89B}] => (Allow) C:\Program Files (x86)\Xianzhi\iMoboPlay\iMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{C8B0AE90-0574-4D8A-B9AA-0E50C3367142}] => (Allow) C:\Program Files (x86)\Xianzhi\iMoboPlay\iMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{51339C76-05BB-4D6D-AF09-A4D6A7AEE47E}] => (Allow) C:\Program Files (x86)\Xianzhi\iMoboPlay\iMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{1731C986-8D75-4B85-88EB-23A205FAB0F5}] => (Allow) C:\Program Files (x86)\Xianzhi\iMoboPlay\iMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{813AAEBD-7837-4A44-B7ED-57EF66920D8F}] => (Allow) C:\Program Files (x86)\Xianzhi\iMoboPlay\iMoboPlay.exe (Fuzhou Xianzhi Ruishi Information Technology Co., Ltd. -> Fuzhou Xianzhi Ruishi Information Technology Co.,Ltd)
FirewallRules: [{6231D95C-750A-473F-A148-85E6EF33C81D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{41F178F3-C00C-4DF2-A962-A67B3862E4BA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{4F6B8DC9-FFCF-4965-95D3-61765E1A555C}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{50539776-691D-4D87-A1A6-197EBB34AF4E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{FC42FE71-EA50-46AD-BAE5-F0E4AE83DC7A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{63E43A67-1428-4917-836C-72950AE76DCC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2E1F4D50-E231-4E99-9DA8-0960A1A9F145}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe No File
FirewallRules: [{53203DBC-79DB-494F-BC03-5FFD0D5F0C12}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe No File
FirewallRules: [{2D36B565-F3D1-48E2-AB81-018F6DA61394}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe No File
FirewallRules: [{B04076F4-72F5-4D51-BCEF-4C9FDF999A43}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe No File

==================== Codecs (Whitelisted) ==================


==================== Restore Points =========================

16-05-2019 18:16:27 Windows Update
19-05-2019 21:05:06 Windows Update
22-05-2019 12:32:22 Installed eM Client
15-07-2019 16:15:36 Windows Update
15-07-2019 16:16:56 Windows Update
02-09-2019 15:39:32 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/07/2019 06:22:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
   Spouštění asynchronní operace

Kontext:
   Aktuální stav: DoSnapshotSet

Error: (10/06/2019 07:13:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.2.0.10728, časové razítko: 0x5d5519ea
Název chybujícího modulu: clr.dll, verze: 4.7.3416.0, časové razítko: 0x5cabfd2c
Kód výjimky: 0xc0000409
Posun chyby: 0x00569fe7
ID chybujícího procesu: 0x453c
Čas spuštění chybující aplikace: 0x01d57c695e7eea53
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: e44d5cf6-0d39-4663-b337-d34c9e7623f7
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (10/06/2019 07:13:14 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (09/30/2019 03:13:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.2.0.10728, časové razítko: 0x5d5519ea
Název chybujícího modulu: clr.dll, verze: 4.7.3416.0, časové razítko: 0x5cabfd2c
Kód výjimky: 0xc0000409
Posun chyby: 0x00569fe7
ID chybujícího procesu: 0x55c4
Čas spuštění chybující aplikace: 0x01d57790d9373cd1
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: f0a5652a-473d-4d12-a63b-d610a59aaf1a
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (09/30/2019 03:10:51 PM) (Source: LSCWinService) (EventID: 0) (User: )
Description: Službu nelze spustit. Neplatný popisovač

Error: (09/30/2019 03:05:04 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (09/26/2019 06:13:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.2.0.10728, časové razítko: 0x5d5519ea
Název chybujícího modulu: clr.dll, verze: 4.7.3416.0, časové razítko: 0x5cabfd2c
Kód výjimky: 0xc0000409
Posun chyby: 0x00569fe7
ID chybujícího procesu: 0x3c5c
Čas spuštění chybující aplikace: 0x01d5748554c5b565
Cesta k chybující aplikaci: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: fef28c96-925b-49b8-8174-e3644ce59ddd
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (09/26/2019 06:06:49 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem Nezdařila se fáze obnovení..

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
	Vypínání indexovacího modulu  (HRESULT : 0x80040d23) (0x80040d23)


System errors:
=============
Error: (10/07/2019 06:42:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (10/07/2019 06:33:46 PM) (Source: DCOM) (EventID: 10016) (User: MARTINRASZKA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 a APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 uživateli MartinRaszka\Martin (SID: S-1-5-21-1300877549-1184033115-3997360293-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/07/2019 06:33:18 PM) (Source: DCOM) (EventID: 10016) (User: MARTINRASZKA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 a APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 uživateli MartinRaszka\Martin (SID: S-1-5-21-1300877549-1184033115-3997360293-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/07/2019 06:29:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (10/07/2019 06:28:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (10/07/2019 06:28:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/07/2019 06:28:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (10/07/2019 06:28:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.


Windows Defender:
===================================
Date: 2019-07-24 15:07:24.561
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.293.900.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru. 

Date: 2019-07-24 15:07:24.560
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.293.900.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru. 

Date: 2019-07-24 15:07:24.560
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.293.900.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru. 

Date: 2019-07-24 15:07:24.546
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.293.900.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru. 

Date: 2019-07-24 15:07:24.546
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.293.900.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru. 

CodeIntegrity:
===================================

Date: 2019-10-06 19:48:40.394
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-10-06 19:20:36.146
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-09-30 15:08:45.565
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-09-05 17:49:03.465
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-28 15:19:05.439
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-27 15:11:56.072
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-08-20 18:18:19.944
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-24 15:02:42.654
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: LENOVO H9ET81WW(1.18) 12/05/2013
Motherboard: LENOVO 20206
Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 58%
Total physical RAM: 3982.22 MB
Available physical RAM: 1637.84 MB
Total Virtual: 11918.22 MB
Available Virtual: 9222.58 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:225.77 GB) (Free:81.11 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:158.21 GB) (Free:88.92 GB) NTFS

\\?\Volume{c36d5ff1-bffe-4805-aea8-e44cc4163bd9}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{4b11df7a-1dd5-452b-b07f-97206c3d29c6}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{05457ebc-b4c8-4238-953a-92a09671f673}\ (Lenovo_Recovery) (Fixed) (Total:13.52 GB) (Free:4.17 GB) NTFS
\\?\Volume{4e3a0927-0a6e-40bf-b7b4-4104ae1f17bd}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================