Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-07-2020
Ran by Zdenda (29-07-2020 20:08:49)
Running from C:\Users\Zdenda\Desktop
Windows 10 Home Version 1903 18362.900 (X64) (2019-09-11 18:26:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-820366760-2656376409-1252331811-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-820366760-2656376409-1252331811-503 - Limited - Disabled)
Guest (S-1-5-21-820366760-2656376409-1252331811-501 - Limited - Disabled)
halik (S-1-5-21-820366760-2656376409-1252331811-1002 - Limited - Disabled)
host (S-1-5-21-820366760-2656376409-1252331811-1004 - Limited - Enabled) => C:\Users\host
WDAGUtilityAccount (S-1-5-21-820366760-2656376409-1252331811-504 - Limited - Disabled)
zdend (S-1-5-21-820366760-2656376409-1252331811-1003 - Limited - Disabled)
Zdenda (S-1-5-21-820366760-2656376409-1252331811-1001 - Administrator - Enabled) => C:\Users\Zdenda

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.29.50 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.89 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
iStripper version 1.2.190 (HKU\S-1-5-21-820366760-2656376409-1252331811-1001\...\iStripper_is1) (Version: 1.2.190 - Totem Entertainment)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Lenovo EasyCamera (HKLM-x32\...\{E8266049-8C7B-4A09-9E11-8BD100E0076A}) (Version: 8.0.1.2376 - GenesysLogic)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.3330.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{F925868A-2F2C-414B-A5A7-C613039CE9E4}) (Version: 3.1.001.00 - Lenovo)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.72 - McAfee, LLC.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 81.0.416.88 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.127.15 - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-820366760-2656376409-1252331811-1001\...\OneDriveSetup.exe) (Version: 20.114.0607.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.59.36848 - Electronic Arts, Inc.)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.868.867.071015 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.213.243 - REALTEK Semiconductor Corp.)
Roblox Player for Zdenda (HKU\S-1-5-21-820366760-2656376409-1252331811-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for Zdenda (HKU\S-1-5-21-820366760-2656376409-1252331811-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - Roblox Corporation)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Služba Lenovo Vantage (HKLM-x32\...\VantageSRV_is1) (Version: 3.3.61.0 - Lenovo Group Ltd.)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.172.400.0_x86__kgqvnymyfvs32 [2020-07-22] (king.com)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2006.30.0_x64__k1h2ywk1493x8 [2020-07-22] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.7162.0_x64__8wekyb3d8bbwe [2020-07-28] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-20] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-20] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-20] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-22] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-26] (LENOVO -> Lenovo)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-22] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-26] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2016-03-04 22:06 - 2015-09-30 10:05 - 000081920 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2016-03-04 22:06 - 2015-09-30 10:05 - 000053248 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_socket.pyd
2016-03-04 22:06 - 2015-09-30 10:05 - 000655360 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ssl.pyd
2015-07-22 20:44 - 2015-07-22 20:44 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2016-03-04 22:06 - 2015-09-30 10:00 - 001732608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\PyImage\ijl20.dll
2015-07-22 20:44 - 2015-07-22 20:44 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2016-03-04 22:06 - 2015-09-30 09:58 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\MSVCR71.dll
2019-09-11 20:30 - 2019-09-11 20:30 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2016-03-04 22:06 - 2015-09-30 10:05 - 002113536 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\python25.dll
2020-07-28 20:19 - 2020-04-05 18:14 - 001662976 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Lenovo\VantageService\3.3.61.0\x64\SQLite.Interop.dll
2020-07-22 19:45 - 2020-04-05 18:36 - 001343488 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\SQLite.Interop.dll
2020-07-22 19:40 - 2020-04-09 09:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2020-01-14 18:07 - 2020-01-19 05:23 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-01-19 05:24 - 2020-01-19 05:23 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-01-19 05:24 - 2020-01-19 05:22 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-01-19 05:24 - 2020-01-19 05:23 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-01-19 05:24 - 2020-01-19 05:23 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-01-19 05:24 - 2020-01-19 05:23 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-01-19 05:24 - 2020-01-19 05:23 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-01-19 05:24 - 2020-01-19 05:23 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2019-01-04 15:36 - 000000854 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-820366760-2656376409-1252331811-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Zdenda\Desktop\maxresdefault.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-820366760-2656376409-1252331811-1001\...\StartupApproved\StartupFolder: => "DesktopVideoPlayer.lnk"
HKU\S-1-5-21-820366760-2656376409-1252331811-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-820366760-2656376409-1252331811-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_D0ADB01AE47DC9E09D7AF5F491994EFB"
HKU\S-1-5-21-820366760-2656376409-1252331811-1001\...\StartupApproved\Run: => "EADM"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8E952F3C-185B-428D-AADA-976C28218C69}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [{DE45ABC0-6F76-4B5B-AEFD-574480F58CB0}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{979BEC79-E88A-41EB-8876-440610EBF9F0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B505C91A-C36A-40F9-9EF8-5C4F4CC46CE7}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9B72D60C-C557-4D24-96DC-64D152EE4DAF}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{3F8C16D8-15F2-48DB-B1EB-33A37F4B66C1}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{86B1426A-6A7A-453C-A7CD-99A1053C64E7}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{582E50C1-323E-4468-A624-78AE92C7E28C}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{3FBD7652-B71F-480B-AE60-40E89C1CD1B7}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [TCP Query User{A853E2A0-9119-4362-B073-40AB5804871D}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Block) C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [UDP Query User{15106742-A716-40B6-A8B8-B59EE30ACABB}C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Block) C:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [TCP Query User{F7F7DC76-8ABA-49A5-AB19-3B30E699DAF1}C:\users\zdenda\appdata\local\vghd\bin\vghd.exe] => (Block) C:\users\zdenda\appdata\local\vghd\bin\vghd.exe (Totem Entertainment) [File not signed]
FirewallRules: [UDP Query User{47BDD9A2-2C82-415A-85ED-31E0449FAD0D}C:\users\zdenda\appdata\local\vghd\bin\vghd.exe] => (Block) C:\users\zdenda\appdata\local\vghd\bin\vghd.exe (Totem Entertainment) [File not signed]
FirewallRules: [TCP Query User{7C38005F-C6EB-4C70-A8F9-A7E4C218AD26}C:\users\zdenda\appdata\local\vghd\bin\vghd.exe] => (Block) C:\users\zdenda\appdata\local\vghd\bin\vghd.exe (Totem Entertainment) [File not signed]
FirewallRules: [UDP Query User{5A5E4EA9-7019-4920-BCBA-C8AB85C8A322}C:\users\zdenda\appdata\local\vghd\bin\vghd.exe] => (Block) C:\users\zdenda\appdata\local\vghd\bin\vghd.exe (Totem Entertainment) [File not signed]
FirewallRules: [{61A27DE9-8DE8-4326-AD10-7865C4A3C216}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D03E7FC7-D52F-49A9-A04C-B7B1193517A3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5CFA03D6-A281-41F9-93B3-DB0EE2815E22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Zombie 2\The Walking Zombie 2.exe () [File not signed]
FirewallRules: [{5628C235-0697-4A43-9B3F-C954F910CE1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Zombie 2\The Walking Zombie 2.exe () [File not signed]
FirewallRules: [{D8DFC977-3DC3-47FB-9274-555820D937FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{62807FD5-493A-4B7F-ABED-99829BF32F04}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EE102BEF-A2FA-4E00-80E4-F0B6E379AD46}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{783D8F40-EDEA-4D23-ABE0-0BB30A56C6AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E833916-9326-40F2-B2E0-0B32931C69DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{895B2510-B9D6-46C1-A4E7-15DAA8434016}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3AEE3424-520B-4CD9-B88F-AC72E0DAE2AD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

03-05-2020 17:40:41 Naplánovaný kontrolní bod
28-07-2020 19:12:10 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/29/2020 08:08:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5236,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (07/29/2020 06:38:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program msedge.exe verze 81.0.416.88 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2738

Čas spuštění: 01d665c5624e52e6

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

ID hlášení: 88b33d43-c9d2-4ff5-a4b1-943bbe532a22

Úplný název balíčku s chybou: 

ID aplikace relativní podle balíčku s chybou: 

Typ zablokování: Top level window is idle

Error: (07/29/2020 06:25:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3444, identifikátor PID ProfSvc: 1740.

Error: (07/29/2020 06:22:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5232,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (07/28/2020 08:35:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7716,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (07/28/2020 08:26:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10936,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (07/28/2020 07:58:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6000,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (07/28/2020 07:51:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6304,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (07/29/2020 06:48:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/29/2020 06:48:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (07/29/2020 06:43:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby: 
Soubor nebo adresář je porušen a není čitelný.

Error: (07/29/2020 06:42:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll

Error: (07/29/2020 06:42:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll

Error: (07/29/2020 06:41:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll

Error: (07/29/2020 06:41:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/29/2020 06:41:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2019-12-21 20:47:31.647
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {27070DD6-4161-46D6-922C-5A6C007B7105}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-14 08:56:17.068
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B8D3032D-8687-466C-8818-4F5ABE55AB55}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-14 10:21:01.352
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FAFCAC2C-EFBC-4802-81D0-FA033A764791}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-14 08:57:38.978
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {19D5CFE9-6E8B-4F55-983F-980961D941FF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-09-12 15:21:30.658
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/CoinHive.A&threatid=2147729066&enterprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.301.1049.0, AS: 1.301.1049.0, NIS: 1.301.1049.0
Verze modulu: AM: 1.1.16300.1, NIS: 1.1.16300.1

Date: 2020-07-28 18:18:07.469
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.319.2068.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena. 

Date: 2020-07-28 18:18:07.468
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.319.2068.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena. 

Date: 2020-07-28 18:18:07.467
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.319.2068.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena. 

Date: 2020-03-11 20:10:42.649
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.307.1866.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru. 

Date: 2020-03-11 20:10:42.648
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.307.1866.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru. 

CodeIntegrity:
===================================

Date: 2020-07-22 22:32:01.309
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-22 22:32:00.730
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-22 22:32:00.171
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-22 22:32:00.171
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-22 22:28:54.409
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-07-22 22:28:54.344
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-07-22 22:28:54.280
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-07-22 22:28:41.949
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: LENOVO 0QCN25WW 01/13/2016
Motherboard: LENOVO Nano BDW
Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 72%
Total physical RAM: 4011.01 MB
Available physical RAM: 1088.28 MB
Total Virtual: 6955.01 MB
Available Virtual: 3616.7 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:887.08 GB) (Free:742.97 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.16 GB) NTFS

\\?\Volume{06a4fa8e-5daa-483c-ac52-8f69fb577962}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.45 GB) NTFS
\\?\Volume{771ba8e9-9491-4790-b889-648c44b4e7d3}\ (LENOVO_PART) (Fixed) (Total:17.21 GB) (Free:4.82 GB) NTFS
\\?\Volume{d09647c1-3d1a-4409-9a45-13f91af949ae}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 11F2B733)

Partition: GPT.

==================== End of Addition.txt =======================