Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2017
Ran by Tom78 (02-07-2017 12:25:38)
Running from C:\Users\Tom78\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-11-06 21:06:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4101578857-3757837661-3053645589-500 - Administrator - Disabled)
Guest (S-1-5-21-4101578857-3757837661-3053645589-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4101578857-3757837661-3053645589-1002 - Limited - Enabled)
Tom78 (S-1-5-21-4101578857-3757837661-3053645589-1000 - Administrator - Enabled) => C:\Users\Tom78

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis Disk Director (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3223 - Acronis)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Aktualizace NVIDIA 25.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.0.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2302 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
CrystalDiskInfo 7.0.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Disney Princezna - Kouzelná cesta (HKLM-x32\...\{E375D72E-5343-4F73-986C-1B00C35F1DFC}) (Version: 1.0 - Disney Interactive Studios)
DLL Suite 9.0 (HKLM-x32\...\{E557052E-9828-40E4-BFF6-311D3E89DB81}_is1) (Version: 9.0.0.0 - )
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
Farming Simulator 17 (HKLM\...\Steam App 447020) (Version:  - Giants Software)
Freemake Video Converter verze 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Garfield (HKLM-x32\...\{7C3A6A3C-4F55-4025-BB8C-7DFBDF090620}) (Version: 1.0 - )
Garfield Kart version 1.0 (HKLM-x32\...\{875B81E7-7B9A-440B-B7D8-B35744A49581}_is1) (Version: 1.0 - Anuman)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
HWiNFO64 Version 5.38 (HKLM\...\HWiNFO64_is1) (Version: 5.38 - Martin Malík - REALiX)
ICQ6.5 (HKLM-x32\...\{60DE4033-9503-48D1-A483-7846BD217CA9}) (Version: 6.5 - ICQ)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
Kyodai Mahjongg 2006 v1.2 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version:  - Rene-Gilles Deberdt)
Mafia III (HKLM\...\Steam App 360430) (Version:  - Hangar 13)
Malwarebytes verze 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 cs)) (Version: 54.0.1 - Mozilla)
Novus Inceptio (HKLM\...\Steam App 386590) (Version:  - McMagic Productions)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.53 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Organizér (HKLM-x32\...\{4154BF17-EE1F-4F25-9696-2FF191FE0787}) (Version: 5.3.5.1 - Fireluke Software)
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.53 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
SafeZone Stable 3.55.2393.609 (HKLM-x32\...\SafeZone 3.55.2393.609) (Version: 3.55.2393.609 - Avast Software) Hidden
SeaMonkey 2.46 (x86 cs) (HKLM-x32\...\SeaMonkey 2.46 (x86 cs)) (Version: 2.46 - Mozilla)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH)
The Settlers Online (HKLM\...\Steam App 354640) (Version:  - Blue Byte)
Tom Clancy's Ghost Recon Wildlands (HKLM-x32\...\Uplay Install 1771) (Version:  - Ubisoft)
Tony Hawks Pro Skater HD verze 1.1 (HKLM-x32\...\{B237974A-A9DB-4A1A-9ABF-4CFA4050F646}_is1) (Version: 1.1 - tomi2k9)
Uplay (HKLM-x32\...\Uplay) (Version: 24.0.2 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05156AAB-45C4-44AD-BEB4-EDE0FA73005F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {2EA62DBA-A4B1-45D8-9C35-6F39CB8BCB48} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software)
Task: {6D1D5319-E066-4A5C-8522-2E6BE69AB143} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {6FF4A57E-BCCF-4D9D-ADE0-DC55EBB76F88} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {75E4097C-4A5E-43E5-B3C4-556A55E2B168} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {B25FD215-B7F8-438E-AA78-EA588057609D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-06-26] (AVAST Software)
Task: {C3D0A14B-1F62-4C36-AEA7-7BBDDAD6A8C9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {C63DB708-6704-4101-9189-3729CD29C555} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {DB57A625-286F-4070-8A8D-35719E021F73} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {DCEB13CA-609D-42B9-95F3-09280E7F67D8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-11-07 00:33 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-06-26 15:39 - 2017-06-26 15:39 - 00170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-06-26 15:39 - 2017-06-26 15:39 - 00192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-06-26 15:39 - 2017-06-26 15:39 - 00224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-07-02 00:30 - 2017-07-02 00:30 - 05784984 _____ () C:\Program Files\AVAST Software\Avast\defs\17070100\algo.dll
2017-06-26 15:39 - 2017-06-26 15:39 - 00689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-06-26 15:39 - 2017-06-26 15:39 - 00231664 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-06-26 15:39 - 2017-06-26 15:39 - 01038952 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-06-26 15:39 - 2017-06-26 15:39 - 67109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-06-26 15:39 - 2017-06-26 15:39 - 00292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-06-29 11:07 - 2017-06-29 11:07 - 02962096 _____ () C:\Program Files\AVAST Software\Avast\aswDataScan.dll
2016-11-07 00:33 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-16 07:14 - 2015-10-16 07:14 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\100sexlinks.com -> 100sexlinks.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\123found.com -> 123found.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\123keno.com -> 123keno.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\143fuck.com -> 143fuck.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\180solutions.com -> 180solutions.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1se.ru -> 1se.ru
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1sexparty.com -> 1sexparty.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1stfind.com -> 1stfind.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\1stpagehere.com -> 1stpagehere.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\2020search.com -> 2020search.com
IE restricted site: HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\...\20x2p.com -> 20x2p.com

There are 1540 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-12-29 00:25 - 00000813 _____ C:\Windows\system32\Drivers\etc\hosts

 127.0.0.1       localhost 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4101578857-3757837661-3053645589-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom78\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32A89603-4C93-4E83-96AB-8DB858A5AB73}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe
FirewallRules: [{1D37AC3A-A0A0-46E5-9D31-40F1B00704D9}] => (Block) %SystemDrive%\Moje\DiskDirector\DiskDirector.exe
FirewallRules: [{4627AF50-AA74-4F11-A2EE-1E0831B8B696}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{72010F0D-291A-40AC-8BD2-6748CEBA14AE}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{617DECA8-AD45-4DD6-923C-025E44F583E8}] => (Allow) D:\Games\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe
FirewallRules: [{52B4D2CD-B2E1-41B5-85C9-BC1109F80D27}] => (Allow) D:\Games\Steam\steamapps\common\Novus Inceptio\NovusInceptio.exe
FirewallRules: [{58DBD20E-FE6E-4912-8F18-1242549E8C17}] => (Allow) D:\Games\Steam\steamapps\common\The Settlers Online\nw.exe
FirewallRules: [{24C0F2B8-61A1-400F-8333-85C097A251DF}] => (Allow) D:\Games\Steam\steamapps\common\The Settlers Online\nw.exe
FirewallRules: [{BECDBF40-F04A-4775-9CFB-CF83D711B4BE}] => (Allow) D:\Games\GTA\GTA5.exe
FirewallRules: [{BA325FD2-2A0B-4E7F-B087-0A1F459CC227}] => (Allow) D:\Games\GTA\GTA5.exe
FirewallRules: [{D13FF7BA-1793-432D-88D2-1CC4844CAF40}] => (Allow) D:\Games\Steam\bin\steamservice.exe
FirewallRules: [{A2DC8CF0-BB71-44CE-908D-2A715E6FBF79}] => (Allow) D:\Games\Steam\bin\steamservice.exe
FirewallRules: [{A8428BF2-B651-4BFB-A229-5A159785B944}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{5AB598F2-4265-4261-B9BB-0ACCB703855B}] => (Allow) C:\Users\Tom78\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{A1296036-A739-4B45-9F10-B63EF3F283FB}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B404384D-FF74-42A2-8346-636E3ACA3142}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{ACB6C47E-410F-48BF-8EFF-90A8EE82AC80}] => (Allow) D:\Games\Steam\steamapps\common\Mafia III\launcher.exe
FirewallRules: [{17B90F82-3AFE-4351-B364-F27FCFDC663F}] => (Allow) D:\Games\Steam\steamapps\common\Mafia III\launcher.exe
FirewallRules: [{D7B3AC7A-7998-4FEA-A4BD-38178C2439DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6285380D-A088-407D-80D5-19BE71E41276}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{ED3982A9-E0EB-4DA8-B9C4-8DB93C31B3DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{979D82B3-9DDF-445E-B9A5-47A85A87244C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C8D66E2B-2CB1-437D-B82B-587D01BE5471}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3BD04120-842C-42DF-8B73-833BD61803A0}] => (Allow) D:\Games\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{61A3E730-0EB3-4ED5-A3E5-CEA440310833}] => (Allow) D:\Games\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{0096652F-6F7C-4739-858B-57F53BE830C8}] => (Allow) D:\Games\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{6431EBEC-5710-4BA1-B4D3-D61EEEBEBBBB}] => (Allow) D:\Games\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{9455041E-F3AA-4CDA-BD3F-19A0CAC2A7FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8D33F094-399E-4D59-8C70-82B5A9AF4B33}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9EB247D5-7954-4B85-B951-E4FBEFA20349}] => (Allow) D:\Games\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Wildlands\GRW.exe
FirewallRules: [{64038740-817D-436A-BF32-EF29F79ED758}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe
FirewallRules: [TCP Query User{755B0B4D-45F6-46C2-ABA6-C02BF7E9BFB1}D:\games\garfield kart\garfield kart\garfield_master7.exe] => (Block) D:\games\garfield kart\garfield kart\garfield_master7.exe
FirewallRules: [UDP Query User{140AD8F1-E7CC-433D-8736-211715AF64EF}D:\games\garfield kart\garfield kart\garfield_master7.exe] => (Block) D:\games\garfield kart\garfield kart\garfield_master7.exe
FirewallRules: [{A6218B3D-8438-47B5-AD92-0F0748153379}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe

==================== Restore Points =========================

18-06-2017 15:33:09 Instalováno Garfield
26-06-2017 17:39:42 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2017 09:04:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/02/2017 09:03:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5889d533
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23569, časové razítko: 0x57f7bc1f
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x5f0
Čas spuštění chybující aplikace: 0x01d2f30139139a53
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 8e950c11-5ef4-11e7-95a2-382c4a636c3b

Error: (07/02/2017 09:03:14 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs()
   at FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs)
   at FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
   at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
   at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (07/01/2017 08:29:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/01/2017 08:29:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5889d533
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23569, časové razítko: 0x57f7bc1f
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x7ec
Čas spuštění chybující aplikace: 0x01d2f297d2b8820b
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 31780b9a-5e8b-11e7-8945-382c4a636c3b

Error: (07/01/2017 08:28:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs()
   at FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs)
   at FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
   at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
   at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (07/01/2017 06:13:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 3.0.0.865, časové razítko: 0x584ee77c
Název chybujícího modulu: mbamtray.exe, verze: 3.0.0.865, časové razítko: 0x584ee77c
Kód výjimky: 0xc0000005
Posun chyby: 0x00053ec5
ID chybujícího procesu: 0x690
Čas spuštění chybující aplikace: 0x01d2f284e5fa24d2
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
ID zprávy: 281e2769-5e78-11e7-8351-382c4a636c3b

Error: (07/01/2017 10:17:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/01/2017 10:17:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5889d533
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23569, časové razítko: 0x57f7bc1f
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x520
Čas spuštění chybující aplikace: 0x01d2f24259f29a60
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: aad76196-5e35-11e7-8351-382c4a636c3b

Error: (07/01/2017 10:16:50 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs()
   at FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs)
   at FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
   at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
   at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


System errors:
=============
Error: (07/02/2017 09:04:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Freemake Improver byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/02/2017 09:03:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/02/2017 09:03:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (07/02/2017 09:02:33 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (07/02/2017 09:02:33 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (07/02/2017 09:02:25 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (07/02/2017 09:02:25 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (07/02/2017 09:02:25 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (07/01/2017 08:29:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Freemake Improver byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/01/2017 08:29:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


CodeIntegrity:
===================================
  Date: 2016-11-08 12:34:51.423
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-11-08 12:34:51.392
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\Tom78\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-11-08 12:34:50.519
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-11-08 12:34:50.487
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 23%
Total physical RAM: 8097.73 MB
Available physical RAM: 6224.18 MB
Total Virtual: 24291.38 MB
Available Virtual: 22532.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:126.95 GB) (Free:60.42 GB) NTFS
Drive d: (Hry) (Fixed) (Total:226.74 GB) (Free:28.97 GB) NTFS
Drive e: () (Fixed) (Total:134.65 GB) (Free:31.97 GB) NTFS
Drive f: () (Fixed) (Total:931.41 GB) (Free:46.36 GB) NTFS
Drive h: (Záloha) (Fixed) (Total:443.16 GB) (Free:31.44 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 82382C7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 12DF12DE)
Partition 1: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=804.6 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================