Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2017
Ran by tomas (11-08-2017 19:49:03)
Running from D:\Download
Windows 10 Pro Version 1703 (X64) (2017-04-15 12:06:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-766734237-2501160734-1320901624-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-766734237-2501160734-1320901624-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-766734237-2501160734-1320901624-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-766734237-2501160734-1320901624-501 - Limited - Disabled)
tomas (S-1-5-21-766734237-2501160734-1320901624-1001 - Administrator - Enabled) => C:\Users\tomas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . . (HKLM\...\{DCAFF63A-A26F-4809-A00D-27AD6733ACB3}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{C7B0C705-9987-44A2-B495-4101DAEDBFE0}) (Version: 2.6.2.4 - Intel) Hidden
@BIOS B15.0630.1 (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE) Hidden
@BIOS B15.0630.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
µTorrent (HKU\S-1-5-21-766734237-2501160734-1320901624-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20095 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version:  - Skybox Labs)
Aktualizace NVIDIA 24.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 24.0.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
ARM Toolchain (HKLM-x32\...\{DF70319A-0FF8-40AA-AF3C-BDCF25566685}) (Version: 7.0.1004 - Atmel) Hidden
Atmel Driver Files (HKLM-x32\...\{6F7D7F68-DBBF-45E2-ADE8-B78E72C2D1C1}) (Version: 7.1.16 - Atmel Corporation)
Atmel LibUSB0 Driver (x64) (HKLM\...\{C1F86585-CDAC-4ABE-B163-161DDBCC4332}) (Version: 7.0.125 - Atmel)
Atmel Segger USB Drivers (501e) (HKLM-x32\...\{156C0C95-4DDE-4F88-97A0-5EEE22269CE3}) (Version: 7.0.417 - Atmel)
Atmel Software Framework (HKLM-x32\...\{E3F0760B-113D-4271-A2BE-B97752BF0B33}) (Version: 7.0.1186 - Atmel) Hidden
Atmel Studio 7.0 (HKLM-x32\...\{9b226216-cf50-48b3-a6e2-3dd5a9b3406d}) (Version: 7.0.1188 - Atmel)
Atmel Studio Development Environment (HKLM-x32\...\{D1E22058-E061-42D1-A710-C11FAFF3E252}) (Version: 7.0.1188 - Atmel) Hidden
Atmel WinDriver (HKLM-x32\...\{FAF2A9D1-33C8-48FF-8FD5-20075A53AB9C}) (Version: 7.0.23 - Atmel)
Atmel WinUSB (HKLM-x32\...\{22D3C72E-42F9-4B0F-B331-E0AA134ADF76}) (Version: 6.2.32 - Atmel)
AVR32 Device Support (HKLM-x32\...\{B4FF8137-23C8-4AC9-BC91-6A25E317D374}) (Version: 7.0.1183 - Atmel) Hidden
AVR32 Toolchain 7.0 (HKLM-x32\...\{8AF6AD1C-A2DE-412D-9FEE-ECF60AD534BB}) (Version: 7.0.536 - Atmel) Hidden
AVR8 Device Support (HKLM-x32\...\{C64B8FC0-9017-4BDC-972A-F8F7AD8903E0}) (Version: 7.0.1188 - Atmel) Hidden
AVR8 Toolchain (HKLM-x32\...\{3E4193B4-89BB-4576-9C8F-ADF3439D0B33}) (Version: 7.0.1185 - Atmel) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlestate Games Launcher 0.2.1.138 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 0.2.1.138 - Battlestate Games)
BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.14.0819.1 -  GIGABYTE)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Global Offensive - SDK (HKLM\...\Steam App 745) (Version:  - )
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
DayZ (HKLM\...\Steam App 221100) (Version:  - Bohemia Interactive)
Delta Force (HKLM\...\Steam App 32620) (Version:  - NovaLogic)
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version:  - Codemasters Racing Studio)
DOOM (HKLM-x32\...\DOOM_is1) (Version: 6.1.1.808 - Bethesda Softworks)
EAGLE 8.0.1 (HKLM\...\{0177B62A-1E59-491C-BB6C-656E01172392}_is1) (Version: 8.0.1 - Autodesk, Inc.)
Fast Boot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.15.0626 - GIGABYTE) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.15.0626 - GIGABYTE)
GlassWire 1.2 (remove only) (HKLM-x32\...\GlassWire 1.2) (Version: 1.2.100 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version:  - Torn Banner Studios)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{66307462-7d19-4f1a-af82-aa04b6017f05}) (Version: 2.6.2.4 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden
KiCad 4.0.6 (HKLM-x32\...\KiCad) (Version: 4.0.6 - KiCad)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
Last Man Standing (HKLM\...\Steam App 506540) (Version:  - Free Reign Entertainment)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-766734237-2501160734-1320901624-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2015 Shell (Isolated) (HKLM-x32\...\{d2981c27-a434-4c9a-96c7-0209e97c4eac}) (Version: 14.0.23107.10 - Microsoft Corporation)
Middle-earth™: Shadow of Mordor™ (HKLM\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MX5 (HKLM-x32\...\Maxthon5) (Version: 5.1.0.1400 - Maxthon International Limited)
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 - NetBeans.org)
NetWorx 5.5.5 (HKLM\...\NetWorx_is1) (Version:  - Softperfect)
No Man's Sky (HKLM\...\Steam App 275850) (Version:  - Hello Games)
NVIDIA GeForce Experience 3.5.0.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.76 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.5.0.76 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 5.1.22 (HKLM\...\{8D5E4D4D-5E0C-4448-B018-5DDEF1E208D9}) (Version: 5.1.22 - Oracle Corporation)
Original War (HKLM\...\Steam App 235320) (Version:  - Altar Games)
Original War (HKLM-x32\...\original war) (Version:  - )
Ovládací panel NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
Project Argo (Prototype) (HKLM\...\Steam App 530700) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
SAM Device Support (HKLM-x32\...\{DB11FEB8-396C-4CBC-8DE1-399D67AFCB99}) (Version: 7.0.1186 - Atmel) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0360 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.5.0.76 - NVIDIA Corporation) Hidden
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.15.0701 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.15.0701 - GIGABYTE)
South Park - The Stick of Truth verzia 1.0.1380/83 (HKLM-x32\...\South Park - The Stick of Truth_is1) (Version: 1.0.1380/83 - CzTorrent.net)
Space Engineers (HKLM\...\Steam App 244850) (Version:  - Keen Software House)
SPORE™ Collection (HKLM-x32\...\1948823323_is1) (Version: 3.1.0.22 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
SurfEasy VPN 3.9.542 (HKLM-x32\...\SurfEasy VPN) (Version: 3.9.542 - SurfEasy Inc)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The.Walking.Dead.A.New.Frontier.Episode.1.And.2.REPACK-KaOs Uninstaller v3.0 (HKLM-x32\...\The.Walking.Dead.A.New.Frontier.Episode.1.And.2.~E88ECFE2_is1) (Version: 3.0 - KaOsKrew)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Wings 3D 2.1.5 (HKLM-x32\...\Wings 3D 2.1.5) (Version:  - )
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0632AEF8-59EC-4E2B-87D3-7AE106E8C61B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation)
Task: {0D90D93C-33C4-4FD7-8D36-DB90D5777D4C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-04-26] (NVIDIA Corporation)
Task: {272FA3D2-6F90-4354-94DD-542116E66725} - System32\Tasks\CCleanerSkipUAC => D:\programy\ccleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {2CF7F1D2-26F3-4679-A901-4F25487DD297} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-26] (Google Inc.)
Task: {3019DF4E-EC87-48E3-88DA-213899361C44} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {34462BF0-CED1-449F-BDC3-173B48D605CF} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {4C316E02-B0E6-42B1-82CD-9F06397DD49E} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2016-10-24] ()
Task: {4CE6B479-2DFD-421F-BFC1-3EC0C43492EF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation)
Task: {9AF6B09B-4036-44C9-9B2C-0A5A21D9B80F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation)
Task: {B4CEBFF5-54FE-4598-9C41-0B3BC2E11018} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {E0362992-288A-4C78-AAE8-F2196FC7257D} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-24] (Samsung Electronics Co. Ltd.)
Task: {E6161D15-9B67-4EFB-829F-11A9DB13A6F9} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe [2017-06-12] (Maxthon International ltd.)
Task: {E69CAD0E-E660-45D2-B1DF-6CB707B80AA9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-04-26] (NVIDIA Corporation)
Task: {EA6ECF8C-0B62-45BD-B408-50638D2BDB26} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation)
Task: {F136416D-7963-4C2F-B337-262C1893E853} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-26] (Google Inc.)
Task: {F6177B8A-778D-4BD6-A63B-CA38D52D856E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-04-26] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-12-26 16:49 - 2017-04-26 07:40 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-14 21:39 - 2017-03-14 21:39 - 001663368 _____ () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
2016-11-17 23:05 - 2016-11-17 23:05 - 000156928 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:41 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-17 10:51 - 2017-07-17 10:53 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-17 10:51 - 2017-07-17 10:53 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-17 10:51 - 2017-07-17 10:53 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-17 10:51 - 2017-07-17 10:53 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-23 16:55 - 2017-05-23 16:55 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-07-25 11:35 - 2017-07-25 11:36 - 010631168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-07-25 11:35 - 2017-07-25 11:36 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-07-22 09:33 - 2017-07-22 09:35 - 004323328 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.1862.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-06-13 15:44 - 2017-06-13 15:45 - 003500456 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.1862.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-03-14 21:40 - 2017-03-14 21:40 - 000078216 _____ () C:\Program Files (x86)\SurfEasy VPN\client\ZLIB1.dll
2017-03-21 12:19 - 2017-03-21 12:19 - 000178128 _____ () D:\programy\glass\GlassWire\EasyHook32.dll
2017-06-19 15:47 - 2017-05-12 12:56 - 017833560 _____ () C:\Program Files (x86)\Maxthon5\Core\plugins\pepflashplayer.dll
2016-12-26 16:49 - 2017-04-26 07:40 - 000900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-26 16:49 - 2017-04-26 07:39 - 065708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-12-26 16:49 - 2017-04-26 07:03 - 002442360 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-12-26 16:49 - 2017-04-26 07:03 - 000361920 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-12-26 16:49 - 2017-04-26 07:03 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-12-26 16:49 - 2017-04-26 07:03 - 000384120 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-12-26 16:49 - 2017-04-26 07:03 - 000467392 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-12-26 16:49 - 2017-04-26 07:03 - 000572024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-06-19 15:47 - 2017-05-12 12:56 - 001900320 _____ () C:\Program Files (x86)\Maxthon5\Core\libglesv2.dll
2017-06-19 15:47 - 2017-05-12 12:56 - 000092448 _____ () C:\Program Files (x86)\Maxthon5\Core\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\tomas:Heroes & Generals [38]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: EAGLESCR => "C:\EAGLE 8.0.1\eagle.exe" "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2017-02-02 22:04 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-766734237-2501160734-1320901624-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.3.1 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "PreRun"
HKU\S-1-5-21-766734237-2501160734-1320901624-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-766734237-2501160734-1320901624-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-766734237-2501160734-1320901624-1001\...\StartupApproved\Run: => "uTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{3A51F4D4-DA08-4E9B-9CF3-4655FA9072C5}D:\steam hry\steamapps\common\lms\lms.exe] => (Allow) D:\steam hry\steamapps\common\lms\lms.exe
FirewallRules: [TCP Query User{77DF8BE5-FC0E-48B6-98BD-71E2246E4A5B}D:\steam hry\steamapps\common\lms\lms.exe] => (Allow) D:\steam hry\steamapps\common\lms\lms.exe
FirewallRules: [UDP Query User{3B3032E2-1F7A-4CD9-AFE6-CFED0FE6C4EB}D:\steam hry\steamapps\common\lms\launcher.exe.new.exe] => (Allow) D:\steam hry\steamapps\common\lms\launcher.exe.new.exe
FirewallRules: [TCP Query User{EC98B7AD-4164-41A2-B1EC-8696FA17E956}D:\steam hry\steamapps\common\lms\launcher.exe.new.exe] => (Allow) D:\steam hry\steamapps\common\lms\launcher.exe.new.exe
FirewallRules: [UDP Query User{05F37131-0F11-445B-B277-481C5B7CBF76}D:\steam hry\steamapps\common\project argo (prototype)\argo.exe] => (Allow) D:\steam hry\steamapps\common\project argo (prototype)\argo.exe
FirewallRules: [TCP Query User{5F6E92D2-35EB-48BC-B857-99DC9AEFE71E}D:\steam hry\steamapps\common\project argo (prototype)\argo.exe] => (Allow) D:\steam hry\steamapps\common\project argo (prototype)\argo.exe
FirewallRules: [{4FB3E85D-F336-4B60-81C2-687AEACA4F87}] => (Allow) C:\Program Files (x86)\Atmel\Studio\7.0\AtmelStudio.exe
FirewallRules: [{0C1BCE80-028A-4DD6-9E0B-C4A162EECA27}] => (Allow) C:\Program Files (x86)\Atmel\Studio\7.0\atbackend\atbackend.exe
FirewallRules: [UDP Query User{C2791BFB-BF79-4DB2-8B08-0B60F3592C48}D:\steam hry\steamapps\common\project argo (prototype)\argo.exe] => (Allow) D:\steam hry\steamapps\common\project argo (prototype)\argo.exe
FirewallRules: [TCP Query User{DA9240BD-5B82-4DDE-88E3-1C841B257376}D:\steam hry\steamapps\common\project argo (prototype)\argo.exe] => (Allow) D:\steam hry\steamapps\common\project argo (prototype)\argo.exe
FirewallRules: [{C3D2E0F2-6EC7-44A7-82B0-C29AC65EA54E}] => (Allow) D:\steam hry\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{6AD79E3E-A2EA-4484-B025-CDAFCF7638AB}] => (Allow) D:\steam hry\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [UDP Query User{C5B33200-6436-405F-B723-05F0C36C8092}D:\hry\doom\doomx64vk.exe] => (Block) D:\hry\doom\doomx64vk.exe
FirewallRules: [TCP Query User{F1870F21-E9EC-46E0-9F17-3ADDC57BBC0B}D:\hry\doom\doomx64vk.exe] => (Block) D:\hry\doom\doomx64vk.exe
FirewallRules: [UDP Query User{7B6E52E6-50C5-4F69-8A84-1EC967B9A97C}D:\hry\doom\doomx64.exe] => (Block) D:\hry\doom\doomx64.exe
FirewallRules: [TCP Query User{A42A7137-FE37-446A-9069-242E18AFEFF4}D:\hry\doom\doomx64.exe] => (Block) D:\hry\doom\doomx64.exe
FirewallRules: [{2BDBF8FC-4ED7-4935-8235-7C5AF1806973}] => (Allow) D:\steam hry\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{AA63BB71-A92C-47D6-B675-5E8AD66C9806}] => (Allow) D:\steam hry\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{C53C7A47-9698-4B24-BEDF-C13001E7A254}] => (Allow) D:\steam hry\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{FC2C410D-D0DF-4C3E-996C-8AEA5431DD7C}] => (Allow) D:\steam hry\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{DEF29F23-0BF1-4216-BA94-0E85179DCC24}] => (Allow) D:\steam hry\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{59845EFA-A3D9-4E7A-9200-35203EEED0E3}] => (Allow) D:\steam hry\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{ADD17731-8BAF-4F42-AC38-4481B468B561}] => (Allow) D:\programy\NetWorx\networx.exe
FirewallRules: [{8ADEA11C-9B07-4A60-A681-09A848FB559B}] => (Allow) D:\steam hry\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0AC48988-4585-4076-B13A-EB73A3798066}] => (Allow) D:\steam hry\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{647EE329-76B3-47A8-9664-DF588035609D}] => (Allow) D:\steam hry\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{1AD207AE-8311-4336-9F07-671ACAB810F5}] => (Allow) D:\steam hry\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{467050FF-5C34-453B-BF57-4F1E2E87AD03}] => (Allow) D:\steam hry\steamapps\common\Delta Force\Df.exe
FirewallRules: [{7101BC42-9FB9-4F1B-9B43-512307F78703}] => (Allow) D:\steam hry\steamapps\common\Delta Force\Df.exe
FirewallRules: [{EB82F73C-2770-42A3-9B8E-7716941FD8BE}] => (Allow) D:\steam hry\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{8BEB5ACF-E281-4663-A18F-ED342F1826F8}] => (Allow) D:\steam hry\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{BD00728F-C382-4429-BE47-94C6E4BB5793}] => (Allow) D:\steam hry\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{AB6B9EE0-C39B-4603-8CC1-1FB1F31E6A7B}] => (Allow) D:\steam hry\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{006D6ED1-1382-47F0-982A-A3799F340C2F}] => (Allow) D:\steam hry\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{7B56B298-9386-4A85-BD5E-44AF7A09150A}] => (Allow) D:\steam hry\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{03D0F1FC-0324-47AB-A5A9-379F22345BCC}] => (Allow) D:\steam hry\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{F5DC70F5-A3AE-439C-9533-A3182E82E074}] => (Allow) D:\steam hry\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{6BA246E6-5BB0-4052-BFC9-CE1ABC51BEA3}] => (Allow) D:\steam hry\steamapps\common\Original War\Owar.exe
FirewallRules: [{288D85AB-AEC8-438D-87F5-D10007602B3D}] => (Allow) D:\steam hry\steamapps\common\Original War\Owar.exe
FirewallRules: [{6735E0A6-083F-4035-9D8D-1A9FA2C63E7B}] => (Allow) D:\steam hry\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{D27E4884-A7FD-49CD-B901-97DA8AB082F7}] => (Allow) D:\steam hry\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{B28C7865-35D6-47C7-8501-06BA085027BD}] => (Allow) D:\programy\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F8DF32E3-E30C-43BC-BD3B-7643306F3FF0}] => (Allow) D:\programy\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0282EBA0-16DB-4D66-BD77-221B51805E03}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\MxUp.exe
FirewallRules: [{95058C3F-0484-4387-8402-54D120E8FA23}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\MxUp.exe
FirewallRules: [{4575D464-D16A-4B20-8B32-37BF9D3F73FF}] => (Allow) D:\programy\steam\Steam.exe
FirewallRules: [{B6B8040B-8F14-48AC-A5AB-D24CDADAADDE}] => (Allow) D:\programy\steam\Steam.exe
FirewallRules: [{9D35B000-3066-42F8-8768-8B26A52491AD}] => (Allow) C:\Users\tomas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{19C40490-12AD-45C3-8845-543A2487F9FB}] => (Allow) C:\Users\tomas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E5EC67D4-4BE0-47BE-8A0E-C2B821D78ABC}] => (Allow) C:\Users\tomas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{938827DC-B9D1-4AF7-9F6E-D1294F58EDF5}] => (Allow) C:\Users\tomas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{72FF3F14-B91F-4F91-9A5B-C2CAEEA8E0BC}] => (Allow) C:\Users\tomas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BA7B1E63-79F6-4183-B41A-844D81FD5B90}] => (Allow) C:\Users\tomas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{22493D1C-78C0-4EFD-AA40-F0E10220BD69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{763A140D-BC91-4459-9247-18BB97E65D6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{588C4BCD-513B-4954-9E59-A1B3B9AA5F9D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1582875D-8B6F-4F47-AABF-B39790D724A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{83FCAB0D-003B-463B-A2E3-B8C306501590}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5C76D702-AEB5-4D4B-8EB1-46945FF1083F}] => (Allow) D:\programy\glass\GlassWire\GWCtlSrv.exe
FirewallRules: [{80D98397-FCAE-445C-9C99-A8A1B8787A36}] => (Allow) D:\programy\glass\GlassWire\GWCtlSrv.exe
FirewallRules: [{2638D2CC-1241-408A-9AC5-B1E102EC8DAA}] => (Block) c:\program files (x86)\nvidia corporation\nvidia geforce experience\nvidia share.exe
FirewallRules: [{923488E4-BB1F-46D5-91CD-D7229A31C86C}] => (Block) c:\program files (x86)\nvidia corporation\nvidia geforce experience\nvidia share.exe
FirewallRules: [{A331C10A-ECF0-499E-827B-9CC60FCFFC9B}] => (Block) c:\program files (x86)\nvidia corporation\nvtelemetry\nvtelemetrycontainer.exe
FirewallRules: [{E1DFFFB3-FBAF-4E41-B2BE-F59536EFE2A9}] => (Block) c:\program files (x86)\nvidia corporation\nvtelemetry\nvtelemetrycontainer.exe
FirewallRules: [{C333D898-419D-42FA-B8AF-680D22AC1FF7}] => (Block) c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe
FirewallRules: [{6A6E6BBE-A93F-4874-A25A-6C5250E056DF}] => (Block) c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe
FirewallRules: [{916983FC-66D9-4443-8739-2F0AE8AE49EF}] => (Block) c:\program files (x86)\nvidia corporation\nvcontainer\nvcontainer.exe
FirewallRules: [{F866F2D2-9283-401E-934F-34D808A00090}] => (Block) c:\program files (x86)\nvidia corporation\nvcontainer\nvcontainer.exe
FirewallRules: [{25C37919-F292-4CBC-BE5C-C1A7F1CD008A}] => (Block) c:\windows\system32\wermgr.exe
FirewallRules: [{BFF0497F-7F79-4174-B44F-0A0B847A445D}] => (Block) c:\windows\system32\wermgr.exe
FirewallRules: [{BB901A24-60CD-4A15-B6B6-F7F17A6D3E33}] => (Block) c:\users\tomas\appdata\roaming\maxthon5\public\mxup\mxup.exe
FirewallRules: [{B994C381-10D4-41EE-A5AD-10E59DA2ED19}] => (Block) c:\users\tomas\appdata\roaming\maxthon5\public\mxup\mxup.exe
FirewallRules: [{47911422-45C7-4616-B141-10D936D0B71B}] => (Block) c:\program files\nvidia corporation\update core\nvprofileupdater64.exe
FirewallRules: [{2E5D1EA5-4487-4E32-8988-267622709456}] => (Block) c:\program files\nvidia corporation\update core\nvprofileupdater64.exe
FirewallRules: [{5535AEC6-8A0F-4D85-936D-5C485CE72971}] => (Block) c:\program files (x86)\nvidia corporation\nvnode\nvidia web helper.exe
FirewallRules: [{4F5BD4C7-E087-4E02-A14F-55F5A076D65D}] => (Block) c:\program files (x86)\nvidia corporation\nvnode\nvidia web helper.exe
FirewallRules: [{F47F6203-A7F8-4DC6-A994-0E036024136A}] => (Allow) D:\steam hry\steamapps\common\Project Argo (Prototype)\argobattleye.exe
FirewallRules: [{BE5382C5-EBAE-4C52-BC9C-447981FF24B0}] => (Allow) D:\steam hry\steamapps\common\Project Argo (Prototype)\argobattleye.exe
FirewallRules: [{58E48C28-7968-4033-9185-5D833264BD70}] => (Allow) D:\steam hry\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{9194BC63-9411-4320-B68B-90ACD31E0745}] => (Allow) D:\steam hry\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{C73F20BB-A0CC-4FBB-90A6-FBC70735AB01}D:\steam hry\steamapps\common\original war\owarogl.exe] => (Allow) D:\steam hry\steamapps\common\original war\owarogl.exe
FirewallRules: [UDP Query User{80362DFA-1FEF-4B81-898F-7BEBD97DFBCE}D:\steam hry\steamapps\common\original war\owarogl.exe] => (Allow) D:\steam hry\steamapps\common\original war\owarogl.exe
FirewallRules: [{3C6B580A-87B4-42F7-AF82-256B1C67FC57}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe
FirewallRules: [{E44146C8-5E75-492D-A7F1-CF66E4A0ACBB}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe
FirewallRules: [TCP Query User{857179B6-25A3-43C2-9C19-9E4716867BD2}C:\users\tomas\documents\sit\dad\winbox.exe] => (Allow) C:\users\tomas\documents\sit\dad\winbox.exe
FirewallRules: [UDP Query User{67B92C56-B3A7-449C-9259-C78C5D81202A}C:\users\tomas\documents\sit\dad\winbox.exe] => (Allow) C:\users\tomas\documents\sit\dad\winbox.exe
FirewallRules: [{68A3F172-6536-4284-A39B-EE37573A21F0}] => (Allow) D:\programy\steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{9447F4D7-C178-41ED-BF37-36818480E0B1}] => (Allow) D:\programy\steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [TCP Query User{8A13A8B6-5BAB-44E2-A638-D27F5CC0B7EA}D:\steam hry\steamapps\common\lms\launcher.exe] => (Allow) D:\steam hry\steamapps\common\lms\launcher.exe
FirewallRules: [UDP Query User{EB288C0C-E28B-4943-A249-D95F6F80E668}D:\steam hry\steamapps\common\lms\launcher.exe] => (Allow) D:\steam hry\steamapps\common\lms\launcher.exe
FirewallRules: [TCP Query User{6A39A370-3F2E-450B-ABE3-D6816E5903C6}D:\steam hry\steamapps\common\lms\launcher.exe] => (Allow) D:\steam hry\steamapps\common\lms\launcher.exe
FirewallRules: [UDP Query User{FF5EA768-219D-46AE-B2AB-372CB50B6674}D:\steam hry\steamapps\common\lms\launcher.exe] => (Allow) D:\steam hry\steamapps\common\lms\launcher.exe
FirewallRules: [{FD5094B0-DBCB-4524-9577-7AD02574D07D}] => (Allow) D:\steam hry\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{D70FB81F-DB6E-4DDD-B3F3-56B0E0D5976D}] => (Allow) D:\steam hry\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [TCP Query User{45864013-D325-4A7D-B863-C640965D87FF}D:\hry\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe] => (Allow) D:\hry\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{288C293F-B10D-4FF4-9968-48D50814CFFC}D:\hry\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe] => (Allow) D:\hry\heroes of the storm\versions\base55844\heroesofthestorm_x64.exe
FirewallRules: [{EE45AE0B-3726-427C-8304-C5A2872FF49A}] => (Allow) D:\programy\steam\steamapps\common\LMS\Launcher.exe
FirewallRules: [{BACC4314-909A-4571-8AF1-D71C9FEC492C}] => (Allow) D:\programy\steam\steamapps\common\LMS\Launcher.exe
FirewallRules: [TCP Query User{E5E05ED7-3BD9-4E32-AD6F-AC6C16D86FD4}D:\programy\steam\steamapps\common\lms\lms.exe] => (Allow) D:\programy\steam\steamapps\common\lms\lms.exe
FirewallRules: [UDP Query User{8049212E-95C4-42CC-971E-639B4264D9CE}D:\programy\steam\steamapps\common\lms\lms.exe] => (Allow) D:\programy\steam\steamapps\common\lms\lms.exe
FirewallRules: [TCP Query User{00C6ADB1-2743-4022-AD74-6676CB7FCAFF}C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe] => (Allow) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe
FirewallRules: [UDP Query User{6575448F-DCFE-43C5-8358-78CD7F299991}C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe] => (Allow) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe
FirewallRules: [{2A7438C8-AAC4-41A6-9B36-32E8D37794AD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

25-07-2017 16:18:22 Nainstalováno rozhraní DirectX
01-08-2017 18:04:22 Naplánovaný kontrolní bod
10-08-2017 16:27:23 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2017 07:32:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Plumbytes.exe, verze: 1.0.0.0, časové razítko: 0x592aefec
Název chybujícího modulu: d3d9.dll, verze: 10.0.15063.0, časové razítko: 0x631de416
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000fd0c
ID chybujícího procesu: 0x1d24
Čas spuštění chybující aplikace: 0x01d312c7d4d51067
Cesta k chybující aplikaci: C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\Plumbytes.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\d3d9.dll
ID zprávy: 26c02cd8-ab91-4c68-ac86-261fe3037320
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (08/11/2017 07:32:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Plumbytes.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 00007FFB94A5FD0C

Error: (08/11/2017 07:32:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Plumbytes.exe, verze: 1.0.0.0, časové razítko: 0x592aefec
Název chybujícího modulu: d3d9.dll, verze: 10.0.15063.0, časové razítko: 0x631de416
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000fd0c
ID chybujícího procesu: 0x31a8
Čas spuštění chybující aplikace: 0x01d312c7ce92a7ec
Cesta k chybující aplikaci: C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\Plumbytes.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\d3d9.dll
ID zprávy: 91964318-dfe0-448f-a5cd-02be31c3edca
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (08/11/2017 07:32:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Plumbytes.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 00007FFB94A5FD0C

Error: (08/11/2017 07:32:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Plumbytes.exe, verze: 1.0.0.0, časové razítko: 0x592aefec
Název chybujícího modulu: d3d9.dll, verze: 10.0.15063.0, časové razítko: 0x631de416
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000fd0c
ID chybujícího procesu: 0x32ec
Čas spuštění chybující aplikace: 0x01d312c7c5489c5b
Cesta k chybující aplikaci: C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\Plumbytes.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\d3d9.dll
ID zprávy: e8567cc1-a93f-4f7b-b168-9c2fdfa50914
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (08/11/2017 07:32:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Plumbytes.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 00007FFB94A5FD0C

Error: (08/11/2017 07:31:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Plumbytes.exe, verze: 1.0.0.0, časové razítko: 0x592aefec
Název chybujícího modulu: d3d9.dll, verze: 10.0.15063.0, časové razítko: 0x631de416
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000fd0c
ID chybujícího procesu: 0x904
Čas spuštění chybující aplikace: 0x01d312c7add56263
Cesta k chybující aplikaci: C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\Plumbytes.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\d3d9.dll
ID zprávy: 5ec981d1-9fae-479a-85dc-59e6ec69b5a3
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (08/11/2017 07:31:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Plumbytes.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 00007FFB94A5FD0C

Error: (08/11/2017 03:50:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SteelSeriesEngine.exe, verze: 2.9.2014.1, časové razítko: 0x5436e58e
Název chybujícího modulu: d3d9.dll, verze: 6.2.15063.0, časové razítko: 0x631de416
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000fd0c
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xSteelSeriesEngine.exe0
Cesta k chybující aplikaci: SteelSeriesEngine.exe1
Cesta k chybujícímu modulu: SteelSeriesEngine.exe2
ID zprávy: SteelSeriesEngine.exe3
Úplný název chybujícího balíčku: SteelSeriesEngine.exe4
ID aplikace související s chybujícím balíčkem: SteelSeriesEngine.exe5

Error: (08/10/2017 03:49:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: BsgLauncher.exe, verze: 0.2.1.138, časové razítko: 0x59805257
Název chybujícího modulu: d3d9.dll, verze: 10.0.15063.0, časové razítko: 0x631de416
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000fd0c
ID chybujícího procesu: 0x29a8
Čas spuštění chybující aplikace: 0x01d311df83b696d8
Cesta k chybující aplikaci: D:\steam hry\steamapps\common\BsgLauncher\BsgLauncher.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\d3d9.dll
ID zprávy: 329e18fe-65e5-4e58-827a-8359a21b4942
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (08/11/2017 07:46:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service queencreek byla ukončena s následující chybou: 
Proud není drobný (tiny).

Error: (08/11/2017 07:45:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service queencreek byla ukončena s následující chybou: 
Proud není drobný (tiny).

Error: (08/11/2017 07:42:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service queencreek byla ukončena s následující chybou: 
Proud není drobný (tiny).

Error: (08/11/2017 07:42:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service queencreek byla ukončena s následující chybou: 
Proud není drobný (tiny).

Error: (08/11/2017 07:39:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service queencreek byla ukončena s následující chybou: 
Proud není drobný (tiny).

Error: (08/11/2017 07:38:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service queencreek byla ukončena s následující chybou: 
Proud není drobný (tiny).

Error: (08/11/2017 07:35:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service queencreek byla ukončena s následující chybou: 
Proud není drobný (tiny).

Error: (08/11/2017 07:34:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service queencreek byla ukončena s následující chybou: 
Proud není drobný (tiny).

Error: (08/11/2017 07:31:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service queencreek byla ukončena s následující chybou: 
Proud není drobný (tiny).

Error: (08/11/2017 07:31:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba AMW Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


CodeIntegrity:
===================================
  Date: 2017-07-19 22:12:23.013
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-19 22:12:22.004
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-19 22:12:21.003
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-19 22:12:20.001
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-19 21:48:46.572
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-19 21:48:45.562
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-19 21:48:44.561
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-19 21:48:43.556
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-19 21:48:18.145
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-19 21:48:17.135
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 21%
Total physical RAM: 16328.16 MB
Available physical RAM: 12827.96 MB
Total Virtual: 18760.16 MB
Available Virtual: 15121.38 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:232.44 GB) (Free:167.68 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:931.41 GB) (Free:204.63 GB) NTFS
Drive e: (VERBATIM HD) (Fixed) (Total:465.76 GB) (Free:12.6 GB) NTFS
Drive f: (vivik) (Removable) (Total:14.47 GB) (Free:5.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B94CD7AB)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: BAA81199)
Partition 1: (Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 830325F3)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 14.5 GB) (Disk ID: 009C13E0)
Partition 1: (Active) - (Size=14.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================