Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2020
Ran by Zdenka (14-01-2020 14:50:15)
Running from C:\Users\Zdenka\Downloads
Windows 10 Home Version 1903 18362.535 (X64) (2019-12-26 20:26:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2935849915-2414251437-2821027110-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2935849915-2414251437-2821027110-503 - Limited - Disabled)
Guest (S-1-5-21-2935849915-2414251437-2821027110-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2935849915-2414251437-2821027110-504 - Limited - Disabled)
Zdenka (S-1-5-21-2935849915-2414251437-2821027110-1001 - Administrator - Enabled) => C:\Users\Zdenka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.8.3108 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 77.2.2157.122 - Autori prehliadača AVG Secure Browser)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.5.169.0 - AVG Technologies) Hidden
doPDF (HKLM\...\{A73C8195-BA5D-4F80-A8C0-2D4940C4F41E}) (Version: 8.9.954 - Softland) Hidden
doPDF (HKLM\...\{B53752C5-1954-49E8-97E3-70871B8E6E42}) (Version: 10.6.121 - Softland) Hidden
doPDF 10 (HKLM-x32\...\{5401627b-3796-494d-aefe-85806263665a}) (Version: 10.6.121 - Softland)
doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{4C76C177-F384-4CC0-9FA1-343A94A78DC2}) (Version: 10.6.121 - Softland)
doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{9D97C820-FA2A-4D2E-9205-3F7497DC6D87}) (Version: 10.6.121 - Softland)
doPDF 10 Printer Driver (HKLM\...\{E7D3833D-BFCA-4D71-8DDB-AF88C4B46718}) (Version: 10.6.121 - Softland)
doPDF 8 (HKLM-x32\...\{fef92eb6-78fb-4a76-a6d8-4bda96483b31}) (Version: 8.9.954 - Softland)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.30 - Irfan Skiljan)
Lenovo App Explorer (HKU\S-1-5-21-2935849915-2414251437-2821027110-1001\...\Host App Service) (Version: 0.273.3.730 - SweetLabs for Lenovo)
Microsoft Office Language Pack 2013  - Czech/čeština (HKLM-x32\...\Office15.OMUI.cs-cz) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 65.0.1 (x86 sk) (HKLM-x32\...\Mozilla Firefox 65.0.1 (x86 sk)) (Version: 65.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{7683DF2A-3A13-43A9-8A74-008E2F6E73F8}) (Version: 8.9.954 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{AF88289C-9E22-4210-BAA7-458799489851}) (Version: 8.9.954 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{8940FF4E-E757-4A45-9163-8F4131E87305}) (Version: 8.9.954 - Softland)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.1.3937 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20500.501.0_x64__rz1tebttyb220 [2019-12-26] (Dolby Laboratories)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_95.1.531.0_x64__v10z8vjag6ke6 [2019-04-05] (HP Inc.)
Indian Garden by Akshay Patil -> C:\Program Files\WindowsApps\Microsoft.IndianGardenbyAkshayPatil_1.0.0.0_neutral__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2019-04-05] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.50.0_x64__5grkq8ppsgwt4 [2019-02-09] (LENOVO INC) [Startup Task]
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.11425.20202.0_x86__8wekyb3d8bbwe [2019-04-05] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.11425.20202.0_x86__8wekyb3d8bbwe [2019-04-05] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.11425.20202.0_x86__8wekyb3d8bbwe [2019-04-05] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.11425.20202.0_x86__8wekyb3d8bbwe [2019-04-05] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.3.3143.0_x86__8wekyb3d8bbwe [2019-04-05] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe [2019-04-05] (Microsoft Corporation) [MS Ad]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.9516.0_x86__m916jedk64snt [2019-02-09] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.1.9528.0_x86__m916jedk64snt [2019-02-09] (CYBERLINKCOM CORPORATION)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2019-12-26] (Realtek Semiconductor Corp)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.12831.0_x64__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2935849915-2414251437-2821027110-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Zdenka\AppData\Local\Microsoft\OneDrive\19.002.0107.0008_1\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2935849915-2414251437-2821027110-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Zdenka\AppData\Local\Microsoft\OneDrive\19.002.0107.0008_1\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2935849915-2414251437-2821027110-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Zdenka\AppData\Local\Microsoft\OneDrive\19.002.0107.0008_1\amd64\FileSyncShell64.dll => No File
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-11-08] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-11-08] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-12-09 18:26 - 2019-05-28 14:06 - 001021440 _____ () [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2019-11-27 16:43 - 2019-10-27 05:36 - 001261568 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2019-12-12 11:57 - 2019-12-12 11:57 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn10.dll
2018-12-12 12:33 - 2018-12-12 12:33 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn8.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-02-18 13:37 - 2019-02-18 13:40 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2935849915-2414251437-2821027110-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Zdenka\AppData\Local\Microsoft\Windows\Themes\Indian Ga\DesktopBackground\1_akshaypatil_indianflowers.jpg
DNS Servers: 8.8.8.8 - 208.67.222.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{28ACB12F-08C8-4CE2-A72E-F789DB4B79B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C8EA599F-9E40-4895-9A40-F58B9502AFAB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7BBDA074-A29B-4FDC-9697-ACD8D118F5CC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AAAB6260-E69D-48B9-A2BE-67FABA014433}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{11F80A52-B73E-46D8-B952-48C10633F8D8}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, Inc. -> AVG Technologies)
FirewallRules: [{4243CF83-41FE-4720-9648-A4B829A0EE14}] => (Allow) LPort=8501
FirewallRules: [{9E6841C1-E8FC-409A-AEA9-55519F8C2B54}] => (Allow) LPort=8501
FirewallRules: [{31055121-E524-49E0-B1DD-0A57F7DD4B7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E28D76AA-C505-4D1A-917C-9B6296E2A77C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{259F0BB3-4309-40E3-8B4F-1C1EDE3FD2B1}] => (Allow) LPort=8502
FirewallRules: [{DEE2DD7F-0F28-4F5F-B350-0A1185CF607C}] => (Allow) LPort=8502
FirewallRules: [{B0616DE7-A3CD-46C8-9F8F-FEBF535DC12F}] => (Allow) C:\Windows\KMS-R@1n.exe () [File not signed]
FirewallRules: [{74E682BA-C3FB-4D5E-A61C-540ABAF3922D}] => (Allow) C:\Windows\KMS-R@1n.exe () [File not signed]
FirewallRules: [{76A3D43B-5131-43A8-91A1-27199C5BA71D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{03FBCC34-0377-4591-B5B6-FC1A5758C046}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F3A29651-558F-4D6B-BA9D-F841F0C5E5B8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0FD01B1-F9BA-4963-A71D-BB1C0C0A8857}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{301CE5F4-FB5E-4A8E-BCAF-AA90446C200D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-01-2020 11:41:37 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/14/2020 02:56:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6652,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/14/2020 02:45:04 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2752,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/14/2020 02:29:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (196,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/14/2020 02:15:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1512,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/14/2020 02:08:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2316,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/13/2020 03:57:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3876,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/13/2020 03:50:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5036,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/13/2020 03:34:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.


System errors:
=============
Error: (01/13/2020 03:34:33 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (01/12/2020 03:37:42 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-M0S9OJP7)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/12/2020 03:37:41 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-M0S9OJP7)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/12/2020 03:37:41 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-M0S9OJP7)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/12/2020 03:37:41 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-M0S9OJP7)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/12/2020 03:37:41 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-M0S9OJP7)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/12/2020 03:37:41 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-M0S9OJP7)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/12/2020 03:37:41 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-M0S9OJP7)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2019-12-29 19:01:45.294
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {2BD62D81-32C4-40C4-BA52-7DD21E56D8FE}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-28 20:43:24.049
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A1411996-972B-4ECF-B590-B6D88C4D3AC0}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-28 20:25:34.157
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {ABB2360C-B529-43CE-8EDE-E482E2E11DA9}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-28 19:43:08.208
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9F526164-671C-4AD2-898D-E767F5E95FD7}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-26 23:13:02.448
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Name: HackTool:Win32/AutoKMS
ID: 2147685180
Severity: Vysoká
Category: Nástroj
Path: amsi:_C:\Users\Zdenka\Desktop\Microsoft Office 2013 Professional Plus\Microsoft Toolkit 2.4.5.exe
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: AMSI
Process Name: C:\Users\Zdenka\Desktop\Microsoft Office 2013 Professional Plus\Microsoft Toolkit 2.4.5.exe
Security intelligence Version: AV: 1.289.1059.0, AS: 1.289.1059.0, NIS: 1.289.1059.0
Engine Version: AM: 1.1.15700.9, NIS: 1.1.15700.9

CodeIntegrity:
===================================

Date: 2020-01-14 13:58:20.612
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-01-14 13:58:20.589
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-01-14 13:58:20.518
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-01-14 13:58:20.399
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-01-14 13:58:19.673
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-01-14 13:57:01.812
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-01-14 13:57:01.796
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-01-14 13:57:01.765
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info =========================== 

BIOS: LENOVO 8UCN06WW 04/10/2018
Motherboard: LENOVO LNVNB161216
Processor: AMD A6-9225 RADEON R4, 5 COMPUTE CORES 2C+3G 
Percentage of memory in use: 91%
Total physical RAM: 3903.98 MB
Available physical RAM: 349.84 MB
Total Virtual: 5823.98 MB
Available Virtual: 1421.72 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:905.27 GB) (Free:784.34 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.97 GB) NTFS

\\?\Volume{dbe7c519-18fa-431a-8e8a-2c4fae281259}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.55 GB) NTFS
\\?\Volume{b00eea7b-3c52-4922-a9fa-e8b1152b7616}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FD861042)

Partition: GPT.

==================== End of Addition.txt =======================