Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2017
Ran by Asgar (30-12-2017 15:00:17)
Running from C:\Users\Asgar\Desktop\poly
Windows 10 Pro Version 1709 16299.125 (X64) (2017-12-06 18:45:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2648889878-3685054796-3145049187-500 - Administrator - Disabled)
Asgar (S-1-5-21-2648889878-3685054796-3145049187-1005 - Administrator - Enabled) => C:\Users\Asgar
DefaultAccount (S-1-5-21-2648889878-3685054796-3145049187-503 - Limited - Disabled)
Guest (S-1-5-21-2648889878-3685054796-3145049187-501 - Limited - Disabled)
oem (S-1-5-21-2648889878-3685054796-3145049187-1001 - Administrator - Enabled) => C:\Users\oem
WDAGUtilityAccount (S-1-5-21-2648889878-3685054796-3145049187-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2648889878-3685054796-3145049187-1005\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Age of Empires complete version 1.0c (HKLM-x32\...\{F7F0D70E-9027-4DF5-B67F-4B48CE29565A}_is1) (Version: 1.0c - vol1)
Age of Empires III - Complete Collection (HKLM-x32\...\Age of Empires III - Complete Collection_Origami_is1) (Version: 1.0 - R.G. Origami, Seraph1)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.11.2 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
AVS Video Editor 7.4.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.4.1.281 - Online Media Technologies Ltd.)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
DARK.SOULS.III.Deluxe.Edition.v1.14+DLCs verze 1.14 (HKLM-x32\...\{4CBE77AD-BFF6-44CE-9109-C4C805CD5494}}_is1) (Version: 1.14 - Ali213.net)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2648889878-3685054796-3145049187-1005\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NoVirusThanks OSArmor v1.3 (HKLM\...\NoVirusThanks OSArmor_is1) (Version: 1.3.0.0 - NoVirusThanks Company Srl)
Opera Stable 49.0.2725.64 (HKLM-x32\...\Opera 49.0.2725.64) (Version: 49.0.2725.64 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.17910 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.30 - NVIDIA Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7524 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stereo 2001 - jednoduché a podvojné účetnictví, v.2.4.0 (HKLM-x32\...\Stereo2001v24x_is1) (Version: 2.4.0 - KASTNER software s.r.o.)
SWAT 4 (HKLM-x32\...\{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31763 - Sierra Entertainment, Inc.) Hidden
SWAT 4 (HKLM-x32\...\InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31763 - Sierra Entertainment, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
World of Tanks (HKU\S-1-5-21-2648889878-3685054796-3145049187-1005\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
Základní software zařízení HP Deskjet 2050 J510 series (HKLM\...\{F61FD928-A74D-4AF9-9667-BE2BB6F2C386}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-27] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-27] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-27] (AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-11-15] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-27] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BA2A47-9B0D-4F82-92EA-AF903EE170DD} - System32\Tasks\Update Manager => C:\Users\Asgar\AppData\Roaming\DARK.SOULS.III.Deluxe.Edition.v1.14+DLCs\uzgmil.exe
Task: {0788147F-7D3E-4949-8192-DFD38226EBCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {0803A8DC-AFAF-4FC2-963C-A4547A54F557} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-13] (Piriform Ltd)
Task: {137217AC-7FA5-4B05-BBD5-0E475A8283F1} - System32\Tasks\SafeZone scheduled Autoupdate 1490052982 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {1588F768-5BA1-48FE-A945-D71FA5FB7650} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {28A63D9A-B8DA-4597-B6A2-587E44AE05F1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-13] (Piriform Ltd)
Task: {3EE7377A-E9E6-42A7-9830-921204F0BC7F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-27] (AVAST Software)
Task: {46CDF8BE-2921-4820-86A4-C57D05611913} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-11] (Adobe Systems Incorporated)
Task: {5BF2FA0C-D8D9-4F12-A2FC-570F39FC850E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [2017-12-11] (Adobe Systems Incorporated)
Task: {5FFD5604-EDA7-456A-B93E-84A33DCB3FF0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {67F67106-9860-45A5-931B-E8FC51105525} - System32\Tasks\update-S-1-5-21-2648889878-3685054796-3145049187-1005 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {70EE64A5-C13C-4E10-B736-329C77A8CB87} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-11-15] (Advanced Micro Devices, Inc.)
Task: {8C31A4A8-127A-4E15-8DE6-F47A01174226} - System32\Tasks\JjGv => C:\Program Files (x86)\Common Files\UmAO.bat [2017-09-29] () <==== ATTENTION
Task: {A0650E64-108F-4DC3-AF30-33EBDB61E651} - System32\Tasks\Opera scheduled Autoupdate 1490083183 => C:\Program Files (x86)\Opera\launcher.exe [2017-12-18] (Opera Software)
Task: {A35F39B4-BD6C-4FC3-AE99-C8245A06B9DC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2017-12-06] (AVAST Software)
Task: {AD541981-0FF0-4993-B34A-353B53213BFA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {ADBAFEED-B20A-4417-BECC-42FEC150ECBA} - System32\Tasks\UuiQAH => C:\WINDOWS\WIHETybACA.bat [2017-09-29] () <==== ATTENTION
Task: {B837DC25-769B-40D9-80F9-DE97C71B3301} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {C3C19264-E591-4A87-A9D1-E2BCDC8CEFD0} - System32\Tasks\GuMYLTBYp => C:\Users\Asgar\AppData\Local\UyiozAel.exe [2017-09-29] (Microsoft Corporation)
Task: {D1144540-BE6F-4138-9F61-D964C8A48D06} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F4F38154-5F10-4317-B675-0DFC588E6CE2} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-2648889878-3685054796-3145049187-1005.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-12-06 19:19 - 2017-12-06 19:19 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-06 19:19 - 2017-12-06 19:19 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-11 19:08 - 2017-12-11 19:09 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-12-11 19:08 - 2017-12-11 19:09 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-12-11 19:08 - 2017-12-11 19:09 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-12-11 19:08 - 2017-12-11 19:09 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll
2017-12-13 22:41 - 2017-12-13 22:42 - 000477184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-12-13 22:41 - 2017-12-13 22:42 - 058590720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-06 17:58 - 2017-10-06 17:58 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-11-13 22:32 - 2017-11-13 22:33 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-10-06 17:58 - 2017-10-06 17:58 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-12-13 22:41 - 2017-12-13 22:42 - 003727360 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-12-13 22:41 - 2017-12-13 22:42 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-12-13 22:41 - 2017-12-13 22:42 - 016395264 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-12-13 22:41 - 2017-12-13 22:42 - 003579904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-12-13 22:41 - 2017-12-13 22:41 - 003204096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-09-01 20:57 - 2017-09-01 20:57 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-13 22:41 - 2017-12-13 22:42 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-12-13 22:41 - 2017-12-13 22:42 - 004038144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-12-13 22:41 - 2017-12-13 22:42 - 001367040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-12-13 22:41 - 2017-12-13 22:42 - 000214528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\SKU.dll
2017-03-21 10:19 - 2017-03-21 10:19 - 000015360 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe\CompanionApp.exe
2017-03-21 10:19 - 2017-03-21 10:19 - 004148736 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe\CompanionApp.dll
2017-03-21 10:19 - 2017-03-21 10:19 - 000637440 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe\CompanionAppDeviceManager.dll
2017-03-21 10:19 - 2017-03-21 10:19 - 000258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1609.2561.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-12-27 00:17 - 2017-12-20 22:15 - 069364008 _____ () C:\Program Files (x86)\Opera\49.0.2725.64\opera_browser.dll
2017-12-27 00:17 - 2017-12-20 22:15 - 003194152 _____ () C:\Program Files (x86)\Opera\49.0.2725.64\libglesv2.dll
2017-12-27 00:17 - 2017-12-20 22:15 - 000095528 _____ () C:\Program Files (x86)\Opera\49.0.2725.64\libegl.dll
2017-12-27 00:30 - 2017-12-27 00:30 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-12-27 00:30 - 2017-12-27 00:30 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-12-27 00:30 - 2017-12-27 00:30 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2017-07-11 11:34 - 2017-07-11 11:34 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-12-27 00:30 - 2017-12-27 00:30 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-12-27 00:30 - 2017-12-27 00:30 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-12-08 22:21 - 2017-12-08 22:21 - 000102088 _____ () C:\Users\Asgar\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2017-03-20 21:27 - 2017-11-29 06:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-03-20 21:27 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-03-20 21:27 - 2017-12-15 20:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
2017-03-20 21:27 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-03-20 21:27 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-12-21 22:15 - 2017-11-04 02:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-21 22:15 - 2017-11-04 02:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-21 22:15 - 2017-11-04 02:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-21 22:15 - 2017-11-04 02:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-21 22:15 - 2017-11-04 02:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-03-20 21:27 - 2017-12-15 20:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-03-20 21:27 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-06-11 14:40 - 2017-09-07 03:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-03-20 21:28 - 2017-10-31 05:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-03-20 21:27 - 2015-09-25 00:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2648889878-3685054796-3145049187-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2648889878-3685054796-3145049187-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF5BE79A-CA65-4E28-8B89-02B6E3E9465F}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.47\opera.exe
FirewallRules: [{31874BA6-C44D-4599-88B2-C6D795079D79}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{DF6B3EF5-C471-4D11-9A7D-0E82B99293DB}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [UDP Query User{6142AE2B-AD79-4E9E-BBF9-456EE17ACBD2}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{42C5B80E-C607-4647-8759-0011FC350DAB}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{B302B6E2-7577-4A6B-96C1-561FBEAD0B0A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{690626CD-C33D-4046-856F-D5E41D2B1A84}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{1BAF6226-B1F6-4AE8-B3DC-A5DC156E9BB3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{F98B3BFB-C095-4E09-96A9-3D46E71924AB}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{4DA7A41C-0031-40D5-BB6B-60274FE5EB80}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{86DF55DA-8866-4BC0-9FE0-EC0D0CD5E286}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6628E25A-1084-4B7B-9E9D-1F638D02E951}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C4D88773-83E2-4C13-BFDD-BD510F11CEB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{B32577AC-3EA4-4E6A-A373-39AC004DA5E4}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{6FFA06D4-C972-48C8-B51B-A33E1A779421}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{AA646C8A-3BB9-4467-BA1D-BC40C648D54C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9A58DC11-C2C4-4CBA-BA5C-9AB568752A90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CB54E539-4E22-4686-95D7-785291A276B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D7C470B7-2D6E-4123-ADAA-C32244EA9422}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{1DCCAA21-1DA9-484F-B903-65E57053DC76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{54653EB7-E847-465D-AF02-68A2FC7CB20A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{78D28464-EAE5-44F8-983D-B7EAEF8005C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{D76A54B9-B109-4C36-BD8B-376B279AFDC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{1E69E0F0-E5BF-4792-92EE-573F12EB6DF7}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{DB84CFB7-EEE5-4529-AE2A-127044A03FDF}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{24BA69A1-CE8B-4F4C-8FBF-A564CC181812}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{B73F7FF8-107D-4F85-B2B6-3EF2525BD399}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{D8C5B5EE-D860-4D98-99D3-AA21320EE27E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1B1DE360-2E97-4777-8FCA-8D4963CF6693}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8D691E5B-430D-4382-B353-12FCD733A88F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{133B4999-6221-4CBC-AF34-7D83F49577F9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{4B96AE79-2410-4F85-9F3F-6AAE167F4C92}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{F7C9DAE0-44B8-4BA9-AD5D-AC3B4C259627}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [{1F25B06E-6241-4EF4-A251-9637FFF675BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{D2C416A3-4E05-4915-A160-0245D5C92503}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{2A3A0C5E-7A46-469D-AEB4-905A85A565F4}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{3C9EA425-47E9-4528-AA90-4B43A5D52429}] => (Allow) C:\Users\Asgar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6CED4657-B89B-4151-A58F-4F58424CA980}] => (Allow) C:\Users\Asgar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A22F0315-17DE-4193-A233-AFB24F264C85}] => (Allow) C:\Users\Asgar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{07B62CB9-27FE-4A1C-9DAF-533546AD241C}] => (Allow) C:\Users\Asgar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{33DC25A9-3751-47E8-9F49-6DBEDE83FD91}] => (Allow) C:\Users\Asgar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9304B3B4-C89A-4D06-B2E2-0756B556DB76}] => (Allow) C:\Users\Asgar\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{08F6BBD0-3C40-492B-8753-A17185E393C5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4EA065F6-A111-4418-A6FF-0AB652C65579}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{43B8B07A-622E-4AE3-86D9-F967AFE94B39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{3A93E519-E61F-4E44-93A1-CC3DF4EF45E2}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
FirewallRules: [{72839072-4048-44CB-8E13-172C84B4EE1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\launcher.exe
FirewallRules: [{8AAA8B1F-8D1A-4D76-BABE-0C463EBE9BAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\launcher.exe

==================== Restore Points =========================

Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/29/2017 10:18:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000284,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0000006AF9A7EE30.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.

Error: (12/29/2017 10:18:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000250,(null),0,REG_BINARY,00000070177FD610.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
   Událost BackupShutdown

Kontext:
   Kontext spuštění: Writer
   ID třídy modulu pro zápis: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Název modulu pro zápis: WMI Writer
   ID instance modulu pro zápis: {5c8d4bc6-83f1-400e-a3a1-ea6e2defa461}

Error: (12/29/2017 10:18:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x000001e8,(null),0,REG_BINARY,00000050051FDA00.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
   Událost BackupShutdown

Kontext:
   Kontext spuštění: Writer
   ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
   Název modulu pro zápis: System Writer
   ID instance modulu pro zápis: {67037a05-8df8-498d-a3ea-56f7a11ec2d8}

Error: (12/29/2017 10:18:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000208,SYSTEM\CurrentControlSet\Services\VSS\Diag\Registry Writer,0,REG_BINARY,0000006AF9CFEA70.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
   Událost BackupShutdown

Kontext:
   Kontext spuštění: Writer
   ID třídy modulu pro zápis: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Název modulu pro zápis: Registry Writer
   ID instance modulu pro zápis: {da29cf04-d2b2-49f8-a369-88ff3d189607}

Error: (12/29/2017 10:18:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x0000086c,SYSTEM\CurrentControlSet\Services\VSS\Diag\MSSearch Service Writer,0,REG_BINARY,0000004BDE17D730.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
   Událost BackupShutdown

Kontext:
   Kontext spuštění: Writer
   ID třídy modulu pro zápis: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Název modulu pro zápis: MSSearch Service Writer
   ID instance modulu pro zápis: {83076706-d3a5-445a-925d-4a4c6211a4a5}

Error: (12/29/2017 10:18:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000224,SYSTEM\CurrentControlSet\Services\VSS\Diag\COM+ REGDB Writer,0,REG_BINARY,0000006AF9B7F3A0.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
   Událost BackupShutdown

Kontext:
   Kontext spuštění: Writer
   ID třídy modulu pro zápis: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Název modulu pro zápis: COM+ REGDB Writer
   ID instance modulu pro zápis: {8de2f1ef-e9bf-4a2c-bf0e-e7e47255089b}

Error: (12/29/2017 10:18:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000250,(null),0,REG_BINARY,00000070177FD610.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
   Událost BackupShutdown

Kontext:
   Kontext spuštění: Writer
   ID třídy modulu pro zápis: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Název modulu pro zápis: WMI Writer
   ID instance modulu pro zápis: {5c8d4bc6-83f1-400e-a3a1-ea6e2defa461}

Error: (12/29/2017 10:18:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x000001e8,(null),0,REG_BINARY,00000050051FDA00.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
   Událost BackupShutdown

Kontext:
   Kontext spuštění: Writer
   ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
   Název modulu pro zápis: System Writer
   ID instance modulu pro zápis: {67037a05-8df8-498d-a3ea-56f7a11ec2d8}

Error: (12/29/2017 10:18:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x0000086c,SYSTEM\CurrentControlSet\Services\VSS\Diag\MSSearch Service Writer,0,REG_BINARY,0000004BDE17D730.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
   Událost BackupShutdown

Kontext:
   Kontext spuštění: Writer
   ID třídy modulu pro zápis: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Název modulu pro zápis: MSSearch Service Writer
   ID instance modulu pro zápis: {83076706-d3a5-445a-925d-4a4c6211a4a5}

Error: (12/29/2017 10:18:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegSetValueExW(0x00000254,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,0000006AF9C7EB80.72) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen.
.


Operace:
   Událost BackupShutdown

Kontext:
   Kontext spuštění: Writer
   ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Název modulu pro zápis: Shadow Copy Optimization Writer
   ID instance modulu pro zápis: {1fc20183-465a-4ae9-b058-b1be5db9e3bb}


System errors:
=============
Error: (12/30/2017 09:26:02 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Start s touto chybou: 
Přístup byl odepřen.

Error: (12/30/2017 09:10:38 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureCommand s touto chybou: 
Přístup byl odepřen.

Error: (12/30/2017 09:10:34 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Start s touto chybou: 
Přístup byl odepřen.

Error: (12/30/2017 09:00:17 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Start s touto chybou: 
Přístup byl odepřen.

Error: (12/30/2017 08:53:38 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Start s touto chybou: 
Přístup byl odepřen.

Error: (12/30/2017 01:06:27 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (12/30/2017 12:31:10 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro DeleteFlag s touto chybou: 
Přístup byl odepřen.

Error: (12/30/2017 12:31:09 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro DeleteFlag s touto chybou: 
Přístup byl odepřen.

Error: (12/30/2017 12:31:09 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro DeleteFlag s touto chybou: 
Přístup byl odepřen.

Error: (12/30/2017 12:31:08 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro DeleteFlag s touto chybou: 
Přístup byl odepřen.


CodeIntegrity:
===================================
  Date: 2017-12-29 00:54:35.488
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Opera\49.0.2725.64\opera.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-27 00:27:27.497
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Users\Asgar\AppData\Local\Unity\WebPlayer\Uninstall.exe that did not meet the Microsoft signing level requirements.

  Date: 2017-12-27 00:27:16.162
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Users\Asgar\AppData\Local\Unity\WebPlayer\Uninstall.exe that did not meet the Microsoft signing level requirements.

  Date: 2017-12-27 00:26:49.195
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Users\Asgar\AppData\Local\Unity\WebPlayer\Uninstall.exe that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

Processor: AMD FX(tm)-4320 Quad-Core Processor 
Percentage of memory in use: 48%
Total physical RAM: 8140.04 MB
Available physical RAM: 4181.23 MB
Total Virtual: 13004.04 MB
Available Virtual: 7222.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.96 GB) (Free:548.49 GB) NTFS
Drive f: (SWAT4_1) (CDROM) (Total:0.62 GB) (Free:0 GB) CDFS
Drive g: (Swat4_2) (CDROM) (Total:0.36 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================