Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2016
Ran by Y50 (21-12-2016 09:57:39)
Running from C:\Users\Y50\Desktop
Windows 8.1 (Update) (X64) (2016-05-23 11:49:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3429431780-2249701502-4008109923-500 - Administrator - Disabled)
Guest (S-1-5-21-3429431780-2249701502-4008109923-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3429431780-2249701502-4008109923-1003 - Limited - Enabled)
Y50 (S-1-5-21-3429431780-2249701502-4008109923-1001 - Administrator - Enabled) => C:\Users\Y50

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{315BE77E-D725-477D-9C71-63F78844363C}) (Version: 12.2.2.172 - Adobe Systems, Inc)
Advanced SystemCare 10 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 10.0.3 - IObit)
Aktualizace NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version:  - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Balíček ovladače systému Windows - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1) (HKLM\...\0A4175B489A1B4A6E07E11B063A6263480C51D71) (Version: 10/19/2009 5.4.0.1 - Lenovo)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.69.1079 - AB Team, d.o.o.)
Canon MP510 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510) (Version:  - )
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Colin McRae Rally (HKLM\...\Steam App 287340) (Version:  - Codemasters Digital)
Crysis 2 Maximum Edition (HKLM\...\Steam App 108800) (Version:  - Crytek Studios)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0196 - Disc Soft Ltd)
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (x32 Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dragon Age: Origins (HKLM\...\Steam App 17450) (Version:  - BioWare)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.0.8 - Lenovo)
Fistful of Frags (HKLM\...\Steam App 265630) (Version:  - Fistful of Frags Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GRID 2 (HKLM\...\Steam App 44350) (Version:  - Codemasters Racing)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4029 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10291 - Realtek Semiconductor Corp.)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.39.1 - ELAN Microelectronic Corp.)
Lichdom: Battlemage (HKLM\...\Steam App 261760) (Version:  - Xaviant)
Mass Effect 2 (HKLM\...\Steam App 24980) (Version:  - BioWare)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\OneDriveSetup.exe) (Version: 17.3.6517.0809 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.1.1.35466 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 368.39 (Version: 368.39 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.810.810.031214 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0251 - REALTEK Semiconductor Corp.)
Resident Evil Revelations 2 / Biohazard Revelations 2 (HKLM\...\Steam App 287290) (Version:  - CAPCOM Co., Ltd.)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version:  - )
RollerCoaster Tycoon 2: Time Twister (HKLM-x32\...\{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}) (Version: 1.00.000 - )
RollerCoaster Tycoon 2: Wacky Worlds (HKLM-x32\...\{B1AD83A0-DC92-41E3-B111-E9472349768C}) (Version:  - )
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
Ryse: Son of Rome (HKLM\...\Steam App 302510) (Version:  - Crytek)
S.K.I.L.L. - Special Force 2 (HKLM\...\Steam App 286940) (Version:  - Dragonfly GF Co., LTD)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.3.0 - IObit)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader HD (HKLM\...\Steam App 40970) (Version:  - FireFly Studios)
Thief (HKLM\...\Steam App 239160) (Version:  - Eidos-Montréal)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM\...\Steam App 272350) (Version:  - Ubisoft Singapore)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.3.6 - Lenovo)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 26.1 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
World of Fishing (HKLM\...\Steam App 421960) (Version:  - Masangsoft, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Y50\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileCoAuthLib64.dll ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0488B5D0-FBF1-4FDC-8D34-87D87AD0D490} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {08FD2712-A001-4F8B-B594-F546E2E73990} - System32\Tasks\ASC10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-11-10] (IObit)
Task: {146ADB44-9BF2-4D14-A885-E24538959E14} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => C:\windows\system32\GWX\GWXConfigManager.exe
Task: {322D4800-5B6F-4F18-AC93-5E51BF859A87} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-12-20] (AVAST Software)
Task: {34B1D165-447B-4CB1-8F56-AF414832C427} - System32\Tasks\{12DD15B8-828E-4BC5-9D83-605F750C3B5F} => pcalua.exe -a "C:\Users\Y50\Videos\Lord of the Rings The Battle for Middle-Earth 2\AutoRun.exe" -d "C:\Users\Y50\Videos\Lord of the Rings The Battle for Middle-Earth 2"
Task: {34CFA9B0-F995-4BFD-9ABF-AAB430D180B7} - System32\Tasks\ASC10_SkipUac_Y50 => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-11-11] (IObit)
Task: {54B9B661-55D3-437D-B168-3EBC98A84E33} - System32\Tasks\Driver Booster SkipUAC (Y50) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {56A958BC-C657-4151-88AD-B06F3F1C3B6E} - System32\Tasks\Uninstaller_SkipUac_Y50 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-11-04] (IObit)
Task: {686C7FE8-31F4-4500-AFF9-91BC70E21B59} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {7866D558-E799-4076-8E5B-FF700DF1F2DC} - System32\Tasks\{9B1E7228-4D6D-4E31-82FA-7175BFE92F6B} => pcalua.exe -a "C:\Users\Y50\Videos\The Lord Of The Rings Battle For Middle Earth 2\The Lord Of The Rings Battle For Middle Earth 2\AutoRun.exe" -d "C:\Users\Y50\Videos\The Lord Of The Rings Battle For Middle Earth 2\The Lord Of The Rings Battle For Middle Earth 2"
Task: {7A08A152-4FA7-4528-9E2C-126F185E3A79} - System32\Tasks\{F42E1D03-CD56-4DCF-8521-8DE42F234332} => pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\EAUninstall.exe"
Task: {7A7F25FE-3091-4B24-A042-D3CC2D172855} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-16] (Google Inc.)
Task: {92D3A0B1-A771-4B90-B263-4F46C788D180} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {974BC716-85DB-4502-9EB9-634DE166A372} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-15] (Microsoft Corporation)
Task: {A282A9A3-D3BA-4362-8A38-B30992C3964B} - System32\Tasks\SmartDefrag_AutoDefrag => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {AF34446E-B111-4063-94C6-9000D911E6A5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\windows\system32\GWX\GWXUXWorker.exe
Task: {B2781732-2251-4B22-864B-28D8288D7AE9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-15] (Microsoft Corporation)
Task: {B6D9B195-A4D6-4449-B7A4-5DD8BF4CDDBD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-12-15] (Microsoft Corporation)
Task: {BAE81B28-A044-4E34-AB40-54677BD81BBA} - System32\Tasks\SafeZone scheduled Autoupdate 1482234574 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {C55D11AD-A336-4510-ADF0-6B783EBE1A06} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-26] (AVAST Software)
Task: {C8AFE902-AEE2-4EF2-8BE7-F5964CC11776} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {CD50E20C-6C7A-434B-8BD9-3E0A48CB72AD} - System32\Tasks\Driver Booster Beta SkipUAC (Y50) => C:\Program Files (x86)\IObit\Driver Booster Beta\4.0.1\DriverBooster.exe
Task: {CE461628-5212-42C2-9B7E-B7E0687531C9} - System32\Tasks\{A6F9A482-EBF4-4CC6-8D17-2547981CB3B0} => pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\lotrbfme2.exe" -d "C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II"
Task: {D3DC1964-3ABB-4366-A078-557F2B4E3948} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {D4C24370-9D60-46FA-97BA-405EEADA957B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {D62F264C-A852-4468-9C6F-3B761CD3DDF4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {DA9BB13F-A354-4A45-81F8-E9E42BCB90DB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\windows\system32\GWX\GWXUXWorker.exe
Task: {F143D53C-DC24-4702-BA02-D36F254A1FEF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {F3E1E936-4B21-47B8-BEDD-D3654F509435} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-16] (Google Inc.)
Task: {F94953DC-4636-4B2C-AED9-00D55E32C720} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-09-26] (IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Uninstaller_SkipUac_Y50.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-06-23 18:42 - 2016-06-03 04:26 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-06-22 16:30 - 2016-06-14 21:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-06-22 16:30 - 2016-06-14 21:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-06-22 16:30 - 2016-06-14 21:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-06-22 16:30 - 2016-06-14 21:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-10-17 08:57 - 2016-10-17 08:57 - 01864384 _____ () C:\Users\Y50\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2015-06-23 01:52 - 2014-11-21 09:54 - 00456808 _____ () C:\windows\system32\igfxTray.exe
2016-06-22 16:30 - 2016-06-14 21:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-06-22 16:30 - 2016-06-14 21:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-06-22 16:30 - 2016-06-14 21:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-06-22 16:30 - 2016-06-14 21:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-06-22 16:30 - 2016-06-14 21:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-06-22 16:30 - 2016-06-14 21:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-06-23 18:48 - 2013-10-01 10:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-06-23 19:08 - 2014-07-10 01:19 - 00592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2016-12-15 07:48 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 07:48 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2015-06-23 01:51 - 2014-11-21 09:54 - 17170624 _____ () C:\windows\SYSTEM32\igd11dxva64.dll
2016-12-20 12:38 - 2016-12-20 12:38 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-12-20 20:58 - 2016-12-20 20:58 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\16122001\algo.dll
2016-12-20 12:38 - 2016-12-20 12:38 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-06-22 16:30 - 2016-06-14 21:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-20 12:38 - 2016-12-20 12:38 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-17 00:34 - 2015-03-17 00:34 - 00151040 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\cs_cz\PDFMaker\PDFMOfficeAddin.CZE
2016-10-27 12:35 - 2016-10-27 12:35 - 28035768 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.dll
2016-07-28 20:47 - 2016-07-28 20:47 - 00322232 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\sqlite.dll
2016-10-01 00:36 - 2016-10-01 00:36 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroCEF\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\sharepoint.com -> hxxps://fafukhk-files.sharepoint.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Y50\Downloads\13235486_493108104226519_6515483306950743_o.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "avast! Cleanup.lnk"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "SystemExplorerAutoStart"
HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\StartupApproved\StartupFolder: => "GameRanger.lnk"
HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\StartupApproved\StartupFolder: => "RollerCoaster Tycoon 3 Registration.lnk"
HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\StartupApproved\Run: => "Advanced SystemCare 9"
HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3429431780-2249701502-4008109923-1001\...\StartupApproved\Run: => "Advanced SystemCare 10"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{DFD8C175-C5B3-4CCE-A819-A05B8554E4A0}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7F02B5D0-DFD1-471E-B099-0DA5FB3AB0D1}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DAB40066-568A-4147-8C97-E1CC94CEA5D8}] => LPort=55100
FirewallRules: [{17BBC564-8BAA-4669-AEE8-B3D30498F63E}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1B335B8A-B1D9-4655-A42B-48655F4EDB45}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A3D896DA-F9C8-4C3B-B5B0-ED455023078C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A06F1EC2-C651-4E74-BCD6-BE370A679FAF}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{491B7529-49F1-489D-95BC-3B0D22E60372}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{216F6C47-FCFC-401D-9C60-40696FDFB1F9}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{059107AB-E831-4031-841F-5A8BA15C607E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{4A7B98A4-0531-4279-96F8-B50F019C0FFF}C:\users\y50\appdata\roaming\utorrent\utorrent.exe] => C:\users\y50\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{E95CDA22-B830-47D7-85F5-2D971DDD62E2}C:\users\y50\appdata\roaming\utorrent\utorrent.exe] => C:\users\y50\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{83CEC9C7-7C2B-4FD2-A4BD-517B96B8A3D5}] => C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{8EFFE5F5-5E5D-47C5-BD6C-3B549ECEA640}] => C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [TCP Query User{93D8DA10-61D4-4EAC-897C-C4810D9281E2}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{5AD2D8B3-1D43-4419-900C-6FF4BC8DEA29}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{90979786-1F7A-490D-955C-132185040AEE}C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{12345B70-CF45-4042-BE62-F572DAF2A0F4}C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{2AC449C0-C960-49EF-A0C4-8826751FCAEB}] => C:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL REVELATIONS 2\rerev2.exe
FirewallRules: [{91D06B0D-33F9-4512-B9C1-E02F9B42EA9E}] => C:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL REVELATIONS 2\rerev2.exe
FirewallRules: [{4FBF77D8-6DBC-4E82-9AFE-11F2CDAE880F}] => C:\Program Files (x86)\Steam\steamapps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{0CBC9A68-521E-4C58-9A1E-59DD8E3A9633}] => C:\Program Files (x86)\Steam\steamapps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{CE077788-0AC2-42A4-BBC5-38578C08EA02}] => C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{D10F224C-438D-4F1C-B42C-9A990F97C7F9}] => C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [TCP Query User{8DD718F6-97CB-40DB-8976-AEC6B80C05D9}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{590075B9-283B-46D7-9C86-B586C28747E6}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{EF6A4AAC-09FA-486A-8B54-040EF84E45F9}] => C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{99674B0F-6C68-4B80-9706-B38E674B85F1}] => C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{AA22F765-769E-4902-B7D2-0D6ABB49C699}] => C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{9B37BE33-9DD4-413D-8F94-5DFF6F5BCD8E}] => C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [TCP Query User{527C5F70-73B3-44AD-AE46-078504A2FB80}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{8C74092E-63A2-45E5-AA92-5D43000A9262}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{27CA2526-A206-483A-B99A-81F459443627}C:\windows\system32\settingsynchost.exe] => C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{983670D8-2E6F-4519-98B1-6AE5653FAB96}C:\windows\system32\settingsynchost.exe] => C:\windows\system32\settingsynchost.exe
FirewallRules: [TCP Query User{27CF672E-4CE9-4782-9F65-82340AEBD31F}C:\windows\explorer.exe] => C:\windows\explorer.exe
FirewallRules: [UDP Query User{15A892C9-CD76-4D6C-997A-863F4B74C514}C:\windows\explorer.exe] => C:\windows\explorer.exe
FirewallRules: [TCP Query User{02856118-F552-4C2E-9CB9-D74FFE051A45}C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{F9518C59-C841-4C71-AA2A-19399635DB7B}C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => C:\program files (x86)\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{8CAD2ED3-CA89-45F4-9F9B-9F68E8E1669A}C:\users\y50\appdata\roaming\utorrent\utorrent.exe] => C:\users\y50\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{2C289058-A065-452D-B2DB-F68352CB4439}C:\users\y50\appdata\roaming\utorrent\utorrent.exe] => C:\users\y50\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{34E51467-ABE3-496D-8CFB-C4A6447FA49C}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FD18D31F-43A7-456E-BD2F-ED229048C7CD}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{43598379-8774-4900-976E-46BCFB6CA158}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{55616054-7682-456D-8FD7-026E67D9DE6A}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{80C95A76-A72C-4FE8-9DCE-FBB1666AE1E7}] => C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Origins\bin_ship\DAOrigins.exe
FirewallRules: [{2E8729F1-E75A-42BA-8932-ABB241656A74}] => C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Origins\bin_ship\DAOrigins.exe
FirewallRules: [{C70FCC36-97A3-48CE-B5F8-3BDD57B2AD86}] => C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Origins\DAOriginsLauncher.exe
FirewallRules: [{406CD988-84C2-41D1-931F-C2F6F0C46EFD}] => C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Origins\DAOriginsLauncher.exe
FirewallRules: [{C1ECAB91-EF9C-42D7-BADA-44419800C1C8}] => C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Origins\bin_ship\daupdatersvc.service.exe
FirewallRules: [{5AE1B29F-B0DA-41FD-8DA3-E79F5BE1A00F}] => C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Origins\bin_ship\daupdatersvc.service.exe
FirewallRules: [{722694CC-406A-4AAD-BEDB-D86A05C211E2}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{7AEC689E-6B12-4F88-BFA6-B3847672E4E4}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1D573E23-8D5A-48F3-AC90-195E974667A3}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4C599F50-8945-42A0-A628-F676A9DFA2CC}] => C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{F252C797-57F8-478E-964E-96A0AE7F1711}] => C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{6D27C556-8DF6-4F3D-AE52-33A7112150FF}] => C:\Program Files (x86)\Steam\steamapps\common\Colin McRae Rally\CMR.exe
FirewallRules: [{3AB3EE01-7447-4562-9BF8-6803092CA2AC}] => C:\Program Files (x86)\Steam\steamapps\common\Colin McRae Rally\CMR.exe
FirewallRules: [{548CCFC8-60E3-4C5D-8AAB-A3BA43B7F43A}] => C:\Program Files (x86)\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{6FEA8E8B-1746-4D96-BC93-076FDE586CA0}] => C:\Program Files (x86)\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{DAF69C79-9BD8-41D6-929D-CBFEAF2D1B82}] => C:\Program Files (x86)\Steam\steamapps\common\World of Fishing\WOF_LogIn_STEAM.exe
FirewallRules: [{85A5C296-0DB0-4918-9C2D-3AA2DE1CEC50}] => C:\Program Files (x86)\Steam\steamapps\common\World of Fishing\WOF_LogIn_STEAM.exe
FirewallRules: [{32F5D7E5-FC7C-4127-8B9F-9990169D0AA2}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5BD7D93C-0D0E-4BDB-8B77-A173EFB8537B}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{FE4C42E8-6097-4A5D-AAEA-66FCBB54C195}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{966E7BCD-6D85-48EF-BBEA-C5BB62EE2D33}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{2CED713C-41B1-4AAA-88B1-ED9ADDF8BC08}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{B678C19D-7A64-45E6-BC64-40659C58BB93}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{B9B1B2E3-4898-4D31-BF4C-C25202DA12C7}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{5153DF1B-F773-46A1-9496-771C49C8AEB8}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{CC366B8F-0774-4DC5-988A-65A73C769523}] => C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{AC44DEF6-C784-4921-B0AA-D32885720669}] => C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{32E40662-8DF8-49DC-9B66-FFCDE8897B45}] => C:\Program Files (x86)\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{A46C56BB-9886-47EC-9ABB-4C021FC2CAB3}] => C:\Program Files (x86)\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{E9746019-8082-46C6-B48E-7195AA5BE91C}] => C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{080EC1AD-D9AA-43D8-B3AB-D8B6DE1CAC5D}] => C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{BE24CAB6-5B89-4F17-A6CE-F9E6A23FBC31}] => C:\Program Files (x86)\Steam\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{555C65A8-450E-4368-A3E1-1998D89D1A9E}] => C:\Program Files (x86)\Steam\steamapps\common\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{090D83F1-AB60-4653-97E6-3DAF9CEEEA3B}] => C:\Program Files (x86)\Steam\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{6A3E1E4B-7C35-4EF1-9B0A-05A144E31E55}] => C:\Program Files (x86)\Steam\steamapps\common\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{A351FEE4-5B13-4E02-B9DA-63CCB4DE477E}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{C2C7BA1E-9E31-450B-BD35-DB398CEB5489}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{A07A624F-5E70-45AF-B697-4540BE83D430}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{306DA53F-72A1-46DB-8D58-942A6689A376}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{F00C40EC-1008-40CA-B8C8-5497F2C5AC70}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7EA7A0A9-0066-496A-B402-0291B4085655}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BAF4E9A2-8B67-4287-8018-65D22B510181}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C8D48427-CD95-4ED6-857C-44C8CE9700B5}] => C:\Users\Y50\Downloads\solutoinstaller.exe
FirewallRules: [{F2ADBA8B-D691-41FE-8DD7-516B5D45C1EC}] => C:\Users\Y50\Downloads\solutoinstaller.exe

==================== Restore Points =========================

04-12-2016 10:24:05 Scheduled Checkpoint
09-12-2016 15:18:48 Installed RollerCoaster Tycoon 2
10-12-2016 19:14:21 Driver Booster : Realtek PCIe GBE Family Controller
12-12-2016 23:23:28 Nainstalováno rozhraní DirectX
16-12-2016 08:51:14 Windows Update
17-12-2016 10:14:07 Operace obnovení
17-12-2016 19:45:29 Nainstalováno rozhraní DirectX
17-12-2016 22:25:05 Installed Adobe Shockwave Player 12.2.
20-12-2016 09:46:53 Removed Soluto

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/21/2016 09:49:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1710

Čas spuštění: 01d25b6668882d60

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 5c676f56-c75a-11e6-8294-70778175ee00

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (12/21/2016 09:35:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 854

Čas spuštění: 01d25b6481c561d0

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 776494b4-c758-11e6-8294-70778175ee00

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (12/21/2016 09:30:02 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.

Error: (12/20/2016 10:28:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Ryse.exe, verze: 1.0.0.153, časové razítko: 0x54452774
Název chybujícího modulu: MSVCR100.dll, verze: 10.0.40219.325, časové razítko: 0x4df2bcac
Kód výjimky: 0x40000015
Posun chyby: 0x00000000000761c9
ID chybujícího procesu: 0x1d98
Čas spuštění chybující aplikace: 0x01d25afbd1ec3c1d
Cesta k chybující aplikaci: C:\Program Files (x86)\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\MSVCR100.dll
ID zprávy: 3cf436b7-c6fb-11e6-8293-70778175ee00
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (12/20/2016 12:43:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/20/2016 12:38:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 110c

Čas spuštění: 01d25ab4cbad1b22

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: c0cdf034-c6a8-11e6-8293-70778175ee00

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (12/20/2016 12:13:49 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.

Error: (12/20/2016 11:39:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 12a4

Čas spuštění: 01d25aac98605e98

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 88abe275-c6a0-11e6-8292-70778175ee00

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Error: (12/20/2016 11:37:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LENOVO)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/20/2016 11:32:41 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.


System errors:
=============
Error: (12/21/2016 09:46:29 AM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {9AA46009-3CE0-458A-A354-715610A075E6} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/21/2016 09:45:58 AM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {9AA46009-3CE0-458A-A354-715610A075E6} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/21/2016 09:45:41 AM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {515980C3-57FE-4C1E-A561-730DD256AB98} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/21/2016 09:45:28 AM) (Source: DCOM) (EventID: 10010) (User: LENOVO)
Description: Server {9AA46009-3CE0-458A-A354-715610A075E6} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/21/2016 09:37:34 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 20

Error: (12/21/2016 09:28:51 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/21/2016 09:23:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/21/2016 09:23:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (12/20/2016 12:33:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Advanced SystemCare Service 10 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/20/2016 12:10:39 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.


CodeIntegrity:
===================================
  Date: 2016-12-20 12:30:04.906
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-20 12:29:52.626
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-20 12:29:44.731
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-20 12:29:34.893
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-20 12:29:25.049
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-20 12:29:17.685
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-20 12:29:05.880
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-20 12:28:58.489
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-20 12:28:49.348
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-20 12:27:01.898
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz
Percentage of memory in use: 20%
Total physical RAM: 16296.27 MB
Available physical RAM: 12974.38 MB
Total Virtual: 16296.27 MB
Available Virtual: 13114.39 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:889.74 GB) (Free:460.28 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 903FB2BC)

Partition: GPT.

==================== End of Addition.txt ============================