Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2017
Ran by MrPierc (31-10-2017 19:31:05)
Running from C:\Users\MrPierc\Desktop
Windows 10 Home Version 1703 15063.674 (X64) (2017-05-13 06:05:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-712972925-3502733572-2621328112-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-712972925-3502733572-2621328112-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-712972925-3502733572-2621328112-1001 - Limited - Disabled) => C:\Users\defaultuser0.DESKTOP-H9SP7OH
Guest (S-1-5-21-712972925-3502733572-2621328112-501 - Limited - Disabled)
MrPierc (S-1-5-21-712972925-3502733572-2621328112-1002 - Administrator - Enabled) => C:\Users\MrPierc

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-712972925-3502733572-2621328112-1002\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
Adobe (HKLM\...\{1A4DC65F-DD27-4BB3-B193-252885FB9C9A}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe (HKLM\...\{250E78D7-9109-480B-A923-9B7B9D743A94}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe (HKLM\...\{A6726233-096D-424F-A4B1-4244704738C1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe (HKLM\...\{C547A830-37D1-4594-ACA7-B4793741DAD0}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
adobe (HKLM\...\{EC66BEC2-2898-4568-A0B2-8046F0A57BAF}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe (HKLM\...\{FA26FC41-15CE-4632-A1C6-9E11927496B7}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_2_0) (Version: 14.2.0 - Adobe Systems Incorporated)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Illustrator (HKLM\...\{780AAB64-C5AB-4CC5-9096-02F8671E5179}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_0) (Version: 22.0.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.5.1 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Media Encoder (HKLM\...\{DC90AE1B-5BDE-429A-8746-8891A3FF85E1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_0_0) (Version: 11.0.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 388.00 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
AutoHotkey 1.1.25.01 (HKLM\...\AutoHotkey) (Version: 1.1.25.01 - Lexikos)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.51.8749 - Electronic Arts)
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version:  - )
encoder (HKLM\...\{816B3B8A-576A-4B1E-8C18-150BB3A9DD6C}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FastStone Image Viewer 6.2 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.2 - FastStone Soft)
FileZilla Client 3.27.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.0.1 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
K-Lite Codec Pack 12.9.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.9.5 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes verze 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-712972925-3502733572-2621328112-1002\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 56.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 56.0.2 (x64 cs)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Mumble 1.2.19 (HKLM-x32\...\{97B3A307-D592-4888-9439-7FB9FBF8F1C3}) (Version: 1.2.19 - Thorvald Natvig)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.00 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.00 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.3.59240 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 388.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.00 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
SD Card Formatter (HKLM-x32\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-712972925-3502733572-2621328112-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-12] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {105ED0EA-D2C0-45D7-BE3D-D27EB992DE2F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-21] (Google Inc.)
Task: {108DDAEA-594F-4352-88BC-14076579200E} - System32\Tasks\Microsoft\Windows\RestartManager\{2EC6064F-A46B-43eb-83A0-ED8D75272756} => C:\WINDOWS\system32\rmclient.exe [2017-03-18] (Microsoft Corporation)
Task: {1869B79C-ABBC-40EB-8B4A-0F2E6F06F5EB} - System32\Tasks\Microsoft\Windows\RestartManager\{CB81D1B4-B2B1-4e31-B224-F96A6C87AD91} => C:\WINDOWS\system32\rmclient.exe [2017-03-18] (Microsoft Corporation)
Task: {1930257E-7301-4B4A-A164-37AF00E0E80E} - System32\Tasks\Microsoft\Windows\RestartManager\{F36E87B4-B502-48d1-B40C-47D1CAEA3F0E} => C:\WINDOWS\system32\rmclient.exe [2017-03-18] (Microsoft Corporation)
Task: {2DAB0B1A-4F4D-4743-92B9-627E2E9F8BA4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {386BF9D9-5B80-4DF1-9218-2F4D047343E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {43BEB568-AB9D-435D-A7D0-3F4703707671} - System32\Tasks\Microsoft\Windows\RestartManager\{4AF3F852-6775-4952-B4DA-74F3DF43A14C} => C:\WINDOWS\system32\rmclient.exe [2017-03-18] (Microsoft Corporation)
Task: {494496A8-A644-44C5-A765-F2AE0F272EDE} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {4BA41735-1687-402D-AD90-0DDEEA63696B} - System32\Tasks\Microsoft\Windows\RestartManager\{FCC9CAF1-EA13-4545-9CF0-57CB6990DB0B} => C:\WINDOWS\system32\rmclient.exe [2017-03-18] (Microsoft Corporation)
Task: {4BF85401-D16C-4303-8F8F-D6C72C40EA79} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {65DB4D66-3D8A-490F-B7A0-4165E2C450CC} - System32\Tasks\Microsoft\Windows\RestartManager\{D685D49D-B8FA-4024-ABDC-7B04C92D803C} => C:\WINDOWS\system32\rmclient.exe [2017-03-18] (Microsoft Corporation)
Task: {65E7CC2B-EBBE-45FA-BAC1-8D95E95611DB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {985CE628-C250-416D-81DD-13C3AA3F33A1} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-10-21] ()
Task: {A9B6DCF6-5A16-490F-A0D2-73D7B308D5B9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {AC680957-B270-45C6-BB25-D537E3341442} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-H9SP7OH-MrPierc => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {B07DEA9E-36A0-4035-BC7D-BA5985947FAD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {BD48D04D-C932-48AB-A374-6630601EBA96} - System32\Tasks\Microsoft\Windows\RestartManager\{086FAB49-8A04-49b5-9197-F23E98EC8975} => C:\WINDOWS\system32\rmclient.exe [2017-03-18] (Microsoft Corporation)
Task: {CC7AAA71-97C2-496C-9A6C-657F9F77B608} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {D032B99E-90C9-443D-B37D-15C7979CD05E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {D3D3A0AC-F43F-4157-8380-15941DE85C0A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-10-21] (Adobe Systems Incorporated)
Task: {DC6D8A86-AECB-433B-AF92-35805BDC9B92} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {E59F9A20-1343-4D32-97C0-CC7D268DC4CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-21] (Google Inc.)
Task: {F581970F-23A8-49A3-9398-FD6E2663D1EE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated)
Task: {FA050DA2-34FD-4174-A5AB-160991190FC1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-08-23 04:54 - 2017-08-29 06:30 - 000020208 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2017-05-28 18:58 - 2017-09-30 17:21 - 000076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-04-20 16:53 - 2017-10-11 02:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-03-18 21:59 - 2017-03-20 05:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-20 18:33 - 2017-03-05 00:36 - 001209344 _____ () C:\Program Files\AutoHotkey\AutoHotkey.exe
2017-09-26 01:52 - 2017-09-26 01:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2017-10-10 11:37 - 2017-10-10 11:38 - 004252672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-26 09:09 - 2017-09-26 09:09 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-31 18:59 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2017-07-12 18:54 - 2017-07-07 07:15 - 002331136 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2017-07-12 18:54 - 2017-07-07 07:15 - 002836480 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2017-04-20 16:53 - 2017-10-11 02:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-20 16:53 - 2017-10-11 02:05 - 070805952 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-08-17 15:51 - 2017-08-17 15:51 - 001993184 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2015-03-17 00:34 - 2015-03-17 00:34 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze
2017-09-20 01:42 - 2017-09-20 01:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 02:04 - 2017-09-20 02:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\MrPierc\AppData\Local\Temp:$DATA [16]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-04-20 19:16 - 2017-04-20 19:16 - 000001027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-712972925-3502733572-2621328112-1002\Control Panel\Desktop\\Wallpaper -> I:\Programs\Ostatni\_Instalace Win10-64bit\_Nastaveni\Pozadi\zYiVHAl.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{B4F27729-5911-494F-8FD5-ECF9850B2F89}C:\program files (x86)\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Block) C:\program files (x86)\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [TCP Query User{52E0D645-E2A6-4F4B-AFBE-DA4423EE48BE}C:\program files (x86)\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe] => (Block) C:\program files (x86)\bethesda.net launcher\games\quakechampions\client\bin\pc\quakechampions.exe
FirewallRules: [{6C7E60BE-9158-403D-8A15-75B1DB18651C}] => (Allow) H:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{412B4C79-7D0E-4EEA-AC92-0A35FBD661DD}] => (Allow) H:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{294054D8-B231-4351-953A-B6659DB9E3D1}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6C4DA377-E7B3-46E1-AFDD-0BE700F96146}] => (Allow) H:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ED3DB252-ECD8-4639-9783-4F8F808D7601}] => (Allow) C:\Users\MrPierc\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A3168261-740E-48B7-9005-96BF53BA9904}] => (Allow) C:\Users\MrPierc\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94F23959-0FE7-4BAA-AF7D-9E49B2DE693F}] => (Allow) C:\Users\MrPierc\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0B44568A-7E68-44A4-A2D1-BB0D0DC40DCB}] => (Allow) C:\Users\MrPierc\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{890BA138-4091-4336-B45C-50A807E9767F}] => (Allow) C:\Users\MrPierc\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4144D06F-EDE0-43AF-96EA-8309FD013102}] => (Allow) C:\Users\MrPierc\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D3D686C7-CE9E-497E-A2B9-172567F88F48}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{76773F0B-CDD4-4D95-9BCE-C436D31DED1B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{F732A8D2-D715-446F-B8B1-A546C1979F47}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{2C6097EB-72D3-47A7-B8B3-9DCE9365A555}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{8CCBCF83-63A2-45B4-A7A5-61AA4C966CBB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A770F95D-A07F-460A-B747-A3ED93BB365C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5BC7D1F9-62CF-4464-A1A0-F4CCEF634186}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{50BF1873-A866-4D38-B7E9-1698D35F1BD4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{472D2E17-55FE-43D6-8565-C4A5E5AAEEA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{88B548DF-6517-4D00-B7BC-5AE7F599C0CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{0F95392E-41E8-4BC4-ADFF-6487E267BA8A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{16C9F6E5-C667-4EBB-BE8E-BDEE534A842D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{61933A81-CFA6-40E6-A1EC-9A74754ADDF8}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{B1813556-C40D-4274-BE6F-C59EF719845D}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [TCP Query User{68F776DC-0B4F-4C2D-9DEF-9AF2465966A9}H:\program files (x86)\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe
FirewallRules: [UDP Query User{57927825-282C-41A5-878B-036DF8C8A7AE}H:\program files (x86)\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\rising storm 2\binaries\win64\vngame.exe
FirewallRules: [{2CF43609-2363-4881-99C2-7B414E060CA0}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\dayofinfamy\dayofinfamy_BE.exe
FirewallRules: [{55AC2393-1B81-4B68-B881-C03237A7FDB0}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\dayofinfamy\dayofinfamy_BE.exe
FirewallRules: [TCP Query User{D7E32265-0C84-458E-9069-20A0EE41D5E2}H:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe
FirewallRules: [UDP Query User{006AE5BD-0699-4E92-A81A-C1AB531351AC}H:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe] => (Allow) H:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe
FirewallRules: [{8506F1D5-4470-49D0-819E-515F7803B197}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{29E2247A-5CF0-452A-8765-DF6877D2DABE}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{668903B6-3277-4680-9E4F-10F2D08CEFFD}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{0A70AD1E-354F-4607-BBB1-A140897456FF}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [TCP Query User{CC59568C-8E48-41B1-ABA1-96F12C08625D}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{32DFACB6-5568-4E32-8759-CC340E4ED28F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [{F9571E11-DBD9-49DA-AFCB-10FCB174BE6E}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{B6C03486-FBB3-414E-B733-25722CBA5344}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{EAA975C9-72D3-4F45-8AA2-2173E1CE02FF}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{DFA2F9D5-3C73-4309-A6D4-AE5032E02278}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{1C43F8BD-F04A-4D55-8677-9EADE7534065}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{A33600EF-A7B8-4817-B5A7-F0531CE3BDD2}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [TCP Query User{86C08B4C-A7A6-4FD0-AAE9-FCBF6F7EC8EE}H:\origin games\battlefield 4\bf4.exe] => (Allow) H:\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{2B96EFE9-2F24-4ACD-8BFE-90C258A1F15E}H:\origin games\battlefield 4\bf4.exe] => (Allow) H:\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{CF3CFACF-60C5-4D7A-98A8-3CF36E3E855A}I:\download\_torrent\hobo.tough.life\hobo.tough.life\hoborpg.exe] => (Allow) I:\download\_torrent\hobo.tough.life\hobo.tough.life\hoborpg.exe
FirewallRules: [UDP Query User{6AA8A8C8-301D-482B-9B49-9960C1C10E3A}I:\download\_torrent\hobo.tough.life\hobo.tough.life\hoborpg.exe] => (Allow) I:\download\_torrent\hobo.tough.life\hobo.tough.life\hoborpg.exe
FirewallRules: [{CD43DCC8-AE5F-4493-94E1-F40614A2DAB5}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{6FC0D70D-55E5-40E8-B837-47B9C0C7EFAE}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{39C50F0F-3984-460B-BA70-C96A75EF6042}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A7DD4152-6FB6-4A00-B378-D9BA53409407}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0F4BFB07-75A8-4AC8-BE21-91153ADC47D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{358F9E58-8426-4EF5-ACC3-DC0263AABB41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{A170B742-DB4E-43A9-8507-BBFB066066E9}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe
FirewallRules: [UDP Query User{896FF997-BB37-4F46-ABB6-F10D435B7355}C:\program files (x86)\destiny 2\destiny2.exe] => (Allow) C:\program files (x86)\destiny 2\destiny2.exe
FirewallRules: [TCP Query User{0879E9DE-1626-4798-A758-629A480515B5}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{07FE2619-FC46-435C-9681-178F28BBD833}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{AB4A84B7-BA48-49AC-AC93-29A69079A6BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5C075232-FD5B-44C6-8271-D28B43056820}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C2DECBC9-0828-4ED0-861B-43A0CCA631A6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5E32C8EF-E636-4756-9169-A70CDDB9895B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{13690D73-26CF-4DE9-BC11-A0F13FF353B6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F976B990-08C2-4D3B-A0D6-7660E9155F9B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{08E144DF-9717-4643-BEE4-BD2F7BA04638}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{0AE910FA-B93A-41B1-B8BD-344786822947}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{A1A2F048-B7D9-4098-AA28-5380CB8EFD28}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{55C5D464-8BBA-4B98-B291-31B7E99960BC}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AAGame.exe
FirewallRules: [{24B6DBDA-B1B7-4A99-8BDD-36AE10BD3A1D}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AAGame.exe
FirewallRules: [{483ED62C-1F9B-49FF-AA57-7339330ED4D3}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{94960910-6764-4B0E-A725-6BC9DF2E75F7}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{57BE4F83-239F-43F8-8C1C-C56D180ED21F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B4DAA195-63C9-4B26-A129-39BD2D4B5F01}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1E20333C-B28E-4EBC-9F68-24AF25C4A3D3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{08D12955-63F5-43BD-AA35-95D7966264D1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E3671224-0DBC-4AA8-95FC-75186EF85B89}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{2ED6D777-B30C-4F67-8246-F3FEE46926EA}] => (Allow) H:\Program Files (x86)\Steam\steamapps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{06513072-A4AA-4B9D-9C2E-8D3655947EA3}] => (Allow) H:\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{B81EE1D1-F37E-464C-8862-686E932F2996}] => (Allow) H:\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{11B61091-C7FD-4BEB-B98C-0A3AE4D0E9C9}] => (Allow) H:\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{B27C21DA-0056-43C2-A5C0-F970F4E1C9FE}] => (Allow) H:\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{A22C6360-04A5-4860-B6E5-40CBD3CDA6DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{B0E0F1EE-79F8-4175-A098-661C86A9A8D7}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [UDP Query User{CD580E18-BB3D-4E24-B48C-982DF0E0ECF0}C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_151\bin\javaw.exe

==================== Restore Points =========================

11-10-2017 17:49:51 Windows Update
18-10-2017 16:14:03 Windows Update
20-10-2017 17:53:01 Installed Adobe.
26-10-2017 05:18:59 Installed SD Card Formatter.
31-10-2017 18:57:57 Removed Java 8 Update 144

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/31/2017 06:56:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-H9SP7OH)
Description: Balíček Microsoft.Windows.SecHealthUI_10.0.15063.0_neutral__cw5n1h2txyewy+SecHealthUI se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (10/25/2017 07:05:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvcontainer.exe, verze: 1.6.2264.7232, časové razítko: 0x598d715b
Název chybujícího modulu: poco.dll, verze: 1.7.6.0, časové razítko: 0x58efb2c7
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000dc10
ID chybujícího procesu: 0xbcc
Čas spuštění chybující aplikace: 0x01d349c29a4efdb6
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvContainer\poco.dll
ID zprávy: d4c0abdc-b46a-4279-83db-0b5b8fab4ce8
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2017 12:34:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cddd8
ID chybujícího procesu: 0x3518
Čas spuštění chybující aplikace: 0x01d34b29568acc02
Cesta k chybující aplikaci: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
Cesta k chybujícímu modulu: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
ID zprávy: 4db22ce7-446c-4afc-8eb7-a787856a3066
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2017 12:31:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cddd8
ID chybujícího procesu: 0x1568
Čas spuštění chybující aplikace: 0x01d34b2759d9fb3a
Cesta k chybující aplikaci: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
Cesta k chybujícímu modulu: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
ID zprávy: fbf37338-ecbf-4803-ac13-b9e9ff9ded66
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2017 12:16:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cddd8
ID chybujícího procesu: 0x1e64
Čas spuštění chybující aplikace: 0x01d34b26ac41de4a
Cesta k chybující aplikaci: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
Cesta k chybujícímu modulu: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
ID zprávy: ac031a05-8f75-4d73-bb71-81eb6bab46c2
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2017 12:12:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cddd8
ID chybujícího procesu: 0x2954
Čas spuštění chybující aplikace: 0x01d34b266a6455d3
Cesta k chybující aplikaci: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
Cesta k chybujícímu modulu: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
ID zprávy: bcb1b75b-773e-4bec-a8cb-308da823cf8b
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2017 12:10:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cddd8
ID chybujícího procesu: 0x29b0
Čas spuštění chybující aplikace: 0x01d34b2645d5078b
Cesta k chybující aplikaci: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
Cesta k chybujícímu modulu: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
ID zprávy: b4a6b107-b072-4998-ba07-b5c57d8c28b1
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2017 12:08:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cddd8
ID chybujícího procesu: 0x728
Čas spuštění chybující aplikace: 0x01d34b25f8e3c816
Cesta k chybující aplikaci: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
Cesta k chybujícímu modulu: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
ID zprávy: 24c4b5a4-aa0c-4c4c-842a-23f2224e4dc4
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2017 12:07:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cddd8
ID chybujícího procesu: 0xa0c
Čas spuštění chybující aplikace: 0x01d34b25a6b87acf
Cesta k chybující aplikaci: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
Cesta k chybujícímu modulu: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
ID zprávy: f3647c4b-e033-4b90-9a9d-fab2cbb5661f
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (10/22/2017 12:05:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: retroarch.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000cddd8
ID chybujícího procesu: 0x2bf4
Čas spuštění chybující aplikace: 0x01d34b24df34d23a
Cesta k chybující aplikaci: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
Cesta k chybujícímu modulu: I:\Games\_Emulatory\RetroArch_2017-10-22\retroarch.exe
ID zprávy: 1b504a2c-76ba-468f-afe8-b7da84673b93
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/31/2017 11:06:48 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9SP7OH)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/31/2017 11:06:48 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9SP7OH)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/30/2017 08:28:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9SP7OH)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/30/2017 08:28:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9SP7OH)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/29/2017 08:43:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9SP7OH)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/29/2017 08:43:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9SP7OH)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/27/2017 07:59:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9SP7OH)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/27/2017 05:21:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9SP7OH)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/26/2017 08:24:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9SP7OH)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/25/2017 09:29:37 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9SP7OH)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================
  Date: 2017-10-21 08:44:59.799
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-10-20 18:33:45.191
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-10-20 18:33:44.968
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-10-20 18:33:44.763
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-10-20 18:33:44.609
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-10-20 18:33:44.533
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-10-20 18:33:44.409
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-10-20 18:33:43.728
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-10-20 18:33:43.325
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-10-17 16:53:21.600
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 43%
Total physical RAM: 16367.11 MB
Available physical RAM: 9319.82 MB
Total Virtual: 18799.11 MB
Available Virtual: 11401.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.4 GB) (Free:109.67 GB) NTFS
Drive e: (RETRO_LEGENDS) (CDROM) (Total:5.52 GB) (Free:0 GB) CDFS
Drive f: (2TB_big_zbytek) (Fixed) (Total:146.48 GB) (Free:146.36 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (2TB_big) (Fixed) (Total:1716.53 GB) (Free:77.92 GB) NTFS
Drive h: (1TB_Seagate) (Fixed) (Total:931.51 GB) (Free:30.25 GB) NTFS
Drive i: (BIG DADDY_2TB) (Fixed) (Total:1863.01 GB) (Free:113.73 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F30C15A4)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1716.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 16C2B92D)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 79482394)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 55CAB08E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================