Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by Marsen (09-03-2018 19:46:38)
Running from C:\Users\Marsen\Desktop
Windows 7 Professional N Service Pack 1 (X64) (2016-07-25 23:03:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-854493922-2151152337-2819826391-500 - Administrator - Disabled)
Guest (S-1-5-21-854493922-2151152337-2819826391-501 - Limited - Disabled)
Marsen (S-1-5-21-854493922-2151152337-2819826391-1000 - Administrator - Enabled) => C:\Users\Marsen

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS B15.0630.1 (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE) Hidden
@BIOS B15.0630.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Aktualizace NVIDIA 23.2.20.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.2.20.0 - NVIDIA Corporation) Hidden
APP Center (HKLM-x32\...\{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.16.0503 - Gigabyte) Hidden
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.16.0503 - Gigabyte)
AutoHotkey 1.1.28.00 (HKLM\...\AutoHotkey) (Version: 1.1.28.00 - Lexikos)
Avira (HKLM-x32\...\{59d593c9-028b-4f00-a84d-7a71f5a28ad7}) (Version: 1.2.106.18629 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{64874AE0-1F9C-426A-96FC-C53A57C97ADE}) (Version: 1.2.106.18629 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.34.27 - Avira Operations GmbH & Co. KG)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.2.4.1118 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.14.0819.1 -  GIGABYTE)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Cloud Station Server (HKLM-x32\...\{41B20CB6-32EE-468B-982C-4864E2135BD0}) (Version: 1.00.1507.2901 - GIGABYTE) Hidden
Cloud Station Server (HKLM-x32\...\InstallShield_{41B20CB6-32EE-468B-982C-4864E2135BD0}) (Version: 1.00.1507.2901 - GIGABYTE)
CloudStation (HKLM-x32\...\{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0018 - GIGABYTE) Hidden
CloudStation (HKLM-x32\...\InstallShield_{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0018 - GIGABYTE)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Discord (HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\Discord) (Version: 0.0.300 - Discord Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.15.0626 - GIGABYTE) Hidden
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.15.0626 - GIGABYTE)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EZSetup B15.0811.1 (HKLM-x32\...\{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE) Hidden
EZSetup B15.0811.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE)
Fast Boot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.15.0626 - GIGABYTE) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.15.0626 - GIGABYTE)
Futuremark SystemInfo (HKLM-x32\...\{E540B871-3230-4C5B-AAD5-A30F64398275}) (Version: 4.48.599.0 - Futuremark)
GameCtrl B15.0803.1 (HKLM-x32\...\{6BBE6CF2-84B2-4ECA-9ECA-C56925C1CCE2}) (Version: 1.00.0000 - GIGABYTE) Hidden
GameCtrl B15.0803.1 (HKLM-x32\...\InstallShield_{6BBE6CF2-84B2-4ECA-9ECA-C56925C1CCE2}) (Version: 1.00.0000 - GIGABYTE)
GamingMouse (HKLM-x32\...\{4F2CBB98-A9AB-4A7A-9DDC-00E340E42B9F}) (Version: 1.00 - GamingMouse)
GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.90.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
In The Dark 1.0 for Trillian 5.x (HKLM-x32\...\{3088AE8E-B415-4D67-AF6C-D50DD5D83248}_is1) (Version: 1.0.0 - RealityRipple Software)
Intel(R) Driver Update Utility 2.6 (HKLM-x32\...\{2B710CA5-99F0-4D29-962C-29A7CFF7A989}) (Version: 2.6.0.32 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4414 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.4.65 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{3e714701-b89c-4cf2-bf3b-41b2c105ffdc}) (Version: 2.6.0.32 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LibreOffice 5.4 Help Pack (Czech) (HKLM\...\{B969A636-DD22-4121-9A4C-54912C60DCD4}) (Version: 5.4.1.2 - The Document Foundation)
LibreOffice 5.4.1.2 (HKLM-x32\...\{8E811365-CBFB-49AC-AB25-9197549B309E}) (Version: 5.4.1.2 - The Document Foundation)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 58.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 58.0.2 (x64 cs)) (Version: 58.0.2 - Mozilla)
Mumble 1.2.16 (HKLM-x32\...\{D46E166D-B232-480C-8543-72EB779CB970}) (Version: 1.2.16 - Thorvald Natvig)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.2.2.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.2.49 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.2.2.49 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.0.2.1 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.2 - NVIDIA Corporation) Hidden
ON_OFF Charge 2 B14.0217.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge 2 B14.0217.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Path of Exile (HKLM-x32\...\{5cdc26d8-07db-4b86-8526-47562e227795}) (Version: 3.1.3.25857 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.1.3.25857 - Grinding Gear Games) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
REDRAGON Gaming Mouse (HKLM-x32\...\{7979717B-627F-4A4C-8E1A-9107CC6F21E2}_is1) (Version: 1.2 - REDRAGON)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.2.2.49 - NVIDIA Corporation) Hidden
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.15.0701 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.15.0701 - GIGABYTE)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
Smart Recovery 2 B15.0812.1  (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0003 - GIGABYTE)
Smart TimeLock B15.0626.1 (HKLM-x32\...\{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE) Hidden
Smart TimeLock B15.0626.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE)
SoftPerfect WiFi Guard version 1.0.7 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.7 - SoftPerfect)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\Spotify) (Version: 1.0.75.483.g7ff4a0dc - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.63017 - TeamViewer)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\1207658924_is1) (Version: 2.1.0.15 - GOG.com)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Uplay (HKLM-x32\...\Uplay) (Version: 21.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VTuner (HKLM-x32\...\{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.15.0626 - GIGABYTE) Hidden
VTuner (HKLM-x32\...\InstallShield_{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.15.0626 - GIGABYTE)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-854493922-2151152337-2819826391-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-12-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-12-12] ()
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-12-12] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-05-12] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-12-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2009-12-12] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0EF08497-D69A-4F18-9664-167B1E989A40} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {167EF363-1C5B-4158-BA3A-155A301F110A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-03] (Google Inc.)
Task: {1C15574F-66BA-4766-A39E-D37B7C86D7DD} - System32\Tasks\{87E3E43F-BB96-4DD7-B527-77E6B75ACAEE} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.28.64.101/cs/abandoninstall?page=tsBing
Task: {26750272-534F-4691-9ED1-8F682ACE113D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {3075E960-030B-4929-A1CD-6CC95829E484} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-06] (NVIDIA Corporation)
Task: {3148AC8D-FEDA-4E72-B903-5F9F2EF2803E} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
Task: {46EA16A2-CD6B-4B3D-997B-3C3F1CF15615} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {483B93AF-F962-4BF4-A382-0A832844A67C} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {4EC25F31-1DDC-4743-804E-FB5B46679E48} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-06] (NVIDIA Corporation)
Task: {53F28AB0-965F-4674-B81E-F4ACF0A072CE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-06] (NVIDIA Corporation)
Task: {5CFA18EE-BE92-467F-A659-5DAECE38CC9D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-06] (NVIDIA Corporation)
Task: {69ED5731-2D78-4946-8A31-F1DEDBE06EA2} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-02-15] (Avira Operations GmbH & Co. KG)
Task: {7220931B-147A-4C3E-838D-03656FAD519A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {82352338-5930-4ECD-8481-840D3A87E6F7} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-06] (NVIDIA Corporation)
Task: {90C761FC-208D-4AF8-8CEF-841122588C70} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-06] (NVIDIA Corporation)
Task: {9F91C689-B330-47DA-ABF0-8FFE892DC02C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-06] (NVIDIA Corporation)
Task: {ADDD3494-61F2-49B7-BFF4-2B1087F05FD5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-03] (Google Inc.)
Task: {B4F72AAE-1E59-4CB0-B6C0-83E80F75768D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {B54AF45A-C745-47A1-B1D5-D260A6B64942} - System32\Tasks\OC GURU II Auto Run => C:\Program [Argument = Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe]
Task: {BAF917FD-8432-442E-A9E0-99133EDF1D7F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {BD7F329E-3BDC-427B-A55F-28330E367057} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {BFBF8300-88FC-4ECA-B027-953FBC1910CD} - System32\Tasks\AutoKMSCustom => C:\Windows\AutoKMS\AutoKMS.exe [2018-01-04] ()
Task: {DCECDB64-BB83-4104-918D-BD17C41FC0E2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E5C797B9-B993-4B6A-8622-8D403E4077F1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => D:\Programy\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-25 21:54 - 2016-07-25 21:54 - 000008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2016-07-26 13:02 - 2009-12-12 14:12 - 000166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-04-14 14:27 - 2015-04-14 14:27 - 000016896 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2016-09-24 18:57 - 2017-01-06 02:10 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-24 18:57 - 2017-01-06 02:10 - 004490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-19 10:40 - 2016-12-24 14:56 - 000075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-06-08 17:04 - 2016-06-08 17:04 - 000117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2017-01-05 11:01 - 2015-05-20 14:24 - 003264000 _____ () C:\Program Files (x86)\REDRAGON Gaming Mouse\Titanoboa\ttMon.exe
2016-07-25 22:29 - 2016-06-08 17:07 - 000458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-07-25 22:29 - 2016-06-08 17:18 - 000709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-07-25 22:29 - 2016-06-08 17:17 - 000188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-07-25 22:29 - 2016-06-08 17:12 - 000416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-07-25 22:29 - 2016-06-08 17:15 - 000130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-07-25 22:29 - 2016-06-08 17:16 - 000025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-07-25 22:29 - 2016-06-08 17:16 - 000059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-07-25 22:29 - 2016-06-08 17:16 - 000194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-07-25 22:29 - 2016-06-08 17:17 - 000159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-07-25 22:29 - 2016-06-08 17:17 - 000158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-07-25 22:29 - 2016-06-08 17:16 - 000050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-07-25 22:29 - 2016-06-08 17:15 - 000032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-11-11 11:40 - 2014-05-13 12:04 - 000109400 _____ () D:\Programy\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-11-11 11:40 - 2014-05-13 12:04 - 000416600 _____ () D:\Programy\Spybot - Search & Destroy 2\DEC150.bpl
2016-11-11 11:40 - 2014-05-13 12:04 - 000167768 _____ () D:\Programy\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-11-11 11:40 - 2012-08-23 10:38 - 000574840 _____ () D:\Programy\Spybot - Search & Destroy 2\sqlite3.dll
2016-11-11 11:40 - 2012-04-03 17:06 - 000565640 _____ () D:\Programy\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-07-26 02:05 - 2017-01-06 02:10 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-24 18:57 - 2017-01-06 02:10 - 000901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-24 18:57 - 2017-01-06 02:10 - 003776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-05 11:01 - 2011-01-27 00:53 - 000028160 _____ () C:\Program Files (x86)\REDRAGON Gaming Mouse\Titanoboa\uiHook.dll
2015-04-14 13:05 - 2015-04-14 13:05 - 001974272 _____ () C:\Program Files (x86)\GIGABYTE\SIV\MFCCPU.dll
2015-02-16 09:47 - 2015-02-16 09:47 - 000105472 _____ () C:\Program Files (x86)\GIGABYTE\SIV\ycc.dll
2015-05-26 23:00 - 2015-05-26 23:00 - 000059904 _____ () C:\Program Files (x86)\Trillian\zlib1.dll
2015-05-26 23:00 - 2015-05-26 23:00 - 000187392 _____ () C:\Program Files (x86)\Trillian\libpng15.dll
2015-05-26 23:00 - 2015-05-26 23:00 - 000065536 _____ () C:\Program Files (x86)\Trillian\libungif.dll
2012-11-28 08:21 - 2012-11-28 08:21 - 000005120 _____ () c:\users\marsen\appdata\roaming\trillian\languages\cs\trillian.dll
2012-11-28 09:21 - 2012-11-28 09:21 - 000002048 _____ () c:\users\marsen\appdata\roaming\trillian\languages\cs\toolkit.dll
2012-11-28 09:21 - 2012-11-28 09:21 - 000007168 _____ () c:\users\marsen\appdata\roaming\trillian\languages\cs\events.dll
2012-11-28 09:21 - 2012-11-28 09:21 - 000009728 _____ () c:\users\marsen\appdata\roaming\trillian\languages\cs\buddy.dll
2012-11-28 09:21 - 2012-11-28 09:21 - 000006144 _____ () c:\users\marsen\appdata\roaming\trillian\languages\cs\talk.dll
2018-01-09 16:45 - 2018-01-08 17:52 - 001891832 _____ () C:\Users\Marsen\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-09 16:45 - 2018-02-10 09:18 - 001780216 _____ () \\?\C:\Users\Marsen\AppData\Roaming\discord\0.0.300\modules\discord_overlay2\discord_overlay2.node
2018-01-09 16:45 - 2018-01-08 17:52 - 001937912 _____ () C:\Users\Marsen\AppData\Local\Discord\app-0.0.300\libglesv2.dll
2018-01-09 16:45 - 2018-01-08 17:52 - 000095736 _____ () C:\Users\Marsen\AppData\Local\Discord\app-0.0.300\libegl.dll
2018-01-09 16:45 - 2018-01-26 17:14 - 009817080 _____ () \\?\C:\Users\Marsen\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-09 16:45 - 2018-02-01 17:39 - 001508344 _____ () \\?\C:\Users\Marsen\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-09 16:45 - 2018-01-09 16:45 - 000513016 _____ () \\?\C:\Users\Marsen\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-09 16:45 - 2018-01-09 16:45 - 002662904 _____ () \\?\C:\Users\Marsen\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2018-01-09 16:45 - 2018-02-01 17:39 - 001518072 _____ () \\?\C:\Users\Marsen\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2017-08-10 08:13 - 2017-07-21 15:26 - 000518144 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2016-09-24 18:57 - 2017-01-06 01:09 - 000527416 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-24 18:57 - 2017-01-06 01:09 - 000252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-24 18:57 - 2017-01-06 01:09 - 002807232 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-24 18:57 - 2017-01-06 01:09 - 000384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-24 18:57 - 2017-01-06 01:09 - 000449080 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-24 18:57 - 2017-01-06 01:09 - 000336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-24 18:57 - 2017-01-06 01:09 - 001003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-01-17 10:48 - 2017-01-06 01:09 - 000954816 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2015-02-25 13:15 - 2015-02-25 13:15 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-11-03 18:27 - 2018-03-04 20:51 - 080302992 _____ () C:\Users\Marsen\AppData\Roaming\Spotify\libcef.dll
2017-11-03 18:27 - 2018-03-04 20:51 - 003734416 _____ () C:\Users\Marsen\AppData\Roaming\Spotify\libglesv2.dll
2017-11-03 18:27 - 2018-03-04 20:51 - 000088464 _____ () C:\Users\Marsen\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7916 more sites.

IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-854493922-2151152337-2819826391-1000\...\123simsen.com -> www.123simsen.com

There are 7916 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-854493922-2151152337-2819826391-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GIGABYTE OC_GURU.lnk => C:\Windows\pss\GIGABYTE OC_GURU.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Discord => C:\Users\Marsen\AppData\Local\Discord\app-0.0.297\Discord.exe
MSCONFIG\startupreg: GamingMouse => C:\Program Files (x86)\GamingMouse\mousehid.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: SDTray => "D:\Programy\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Sound Blaster Tactic3D Control Panel => "C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe" /r
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{38A8D87B-42D7-4C24-951C-AB56AC1A37FB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0BD99A9B-C166-48C7-A1AE-E0C8AB61B060}] => (Allow) C:\Hry\Steam\Steam.exe
FirewallRules: [{BC8B8CC8-BDAF-4D0C-8EE7-A869CBF267BB}] => (Allow) C:\Hry\Steam\Steam.exe
FirewallRules: [{D87A332C-B42A-4ED9-9065-C02F5B085518}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CB926963-4F21-42A1-B306-16E7D331D7D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EDD8DE63-7D94-43B2-AB1C-0E67B981E1E9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{090E430A-91B9-47E4-B479-02DE9A709E7D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{316BD986-720B-4D97-8A46-FBC1490E36B1}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe
FirewallRules: [{A8E3A677-08EE-4466-AF55-6113930D7624}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
FirewallRules: [{D141010B-E7BB-4D9A-B3DF-43E4D6182739}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
FirewallRules: [{A2937822-E19F-4E72-A219-738D725541B0}] => (Allow) LPort=1980
FirewallRules: [{4DAD3D11-512F-4009-8C27-B10193B1BFD5}] => (Allow) LPort=1900
FirewallRules: [{41F9E724-7D54-4F24-8B2A-7AAB5A13C7FB}] => (Allow) LPort=1900
FirewallRules: [{1F9C49DD-5D9B-4F5B-ABAF-6DEA90A551CC}] => (Allow) LPort=8193
FirewallRules: [{E81BED7A-47BA-48A9-ADBF-8A5C16A5A96D}] => (Allow) C:\Users\Marsen\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{F65DFCBA-A9AC-4881-A816-5A8F97E0490B}] => (Allow) C:\Users\Marsen\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{3047B265-311A-4039-BED8-22A0BF18CDC3}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe
FirewallRules: [UDP Query User{E1DB28C6-AB8B-4EA2-A1C3-9331F1CC706C}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe
FirewallRules: [{ABB8B351-65CB-4AE5-AFB7-922A76D042F2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C8684774-7485-4EB4-8DB0-002A369342C3}] => (Allow) C:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{259D6541-2909-4CD3-91E7-16EE039C0DEB}] => (Allow) C:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DFDDB627-F999-46A6-B5C3-8FD5683CBC81}] => (Allow) C:\Hry\Steam\Steam.exe
FirewallRules: [{DEEA19AE-0C22-4610-AC2B-2C244967A3EA}] => (Allow) C:\Hry\Steam\Steam.exe
FirewallRules: [{F290058B-0E89-449E-A884-0678E088BFD9}] => (Allow) C:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{500D2FF4-0498-4D1E-B8EE-428509ECC05D}] => (Allow) C:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1E2108EC-121B-4224-B7AF-98CE74D121E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5E38A140-0E6F-473E-9DD0-8E8F034B89F4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8FFE895D-E680-43B0-9283-C28BAFA93F1C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{22AD6FDC-2BB8-43D3-8056-E78854C0E6D6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C79003E2-ECA7-46A4-89D4-4CE2CACAD7E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{F9A351DE-5A91-4CD0-8B14-50ABC857C5B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{6BD4F9AE-9270-4EA2-A8C3-7C4323C48C26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{626ABE5A-8E83-4DDA-956A-9E5330E1BABB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E86C5259-FD71-4C68-BC0D-1CB3365A2E1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F946107B-7C0D-4286-B2D6-6499535714BE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C8C942FE-ABA1-4578-96FE-302486923AB8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{58F6E176-9C43-4F64-947C-6C6BF981B9C2}C:\hry\overwatch\overwatch.exe] => (Allow) C:\hry\overwatch\overwatch.exe
FirewallRules: [UDP Query User{2761B801-2E3C-42AE-9EBF-C5D940666024}C:\hry\overwatch\overwatch.exe] => (Allow) C:\hry\overwatch\overwatch.exe
FirewallRules: [TCP Query User{0BCAE268-8F4D-47D2-9D58-CA08741D26E1}C:\users\marsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{71C29F4C-3B62-4CB2-8F03-AA83B95199FA}C:\users\marsen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{F2D12BEE-0D49-44A1-BB19-C4F31C6F7BC2}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{549E8746-2D58-430A-815C-D680397F512D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{CA1157CD-8092-42D0-BB2D-62179E88C2C8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{BC462D72-E35D-4F8B-9D3D-EC116425C895}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{412EAE35-9449-455D-867B-D945737D3A1B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6BD04DA2-36AD-42CC-B062-D1478D72E52E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{976C43B5-1C35-4326-A890-855E32B598FA}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{AA8E9222-6B62-4F11-B962-187A3B538902}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [TCP Query User{30960F32-9995-48D2-A912-DDBEF8D65739}C:\users\marsen\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3F7707F8-4C61-4220-AAAE-11B8476894DF}C:\users\marsen\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marsen\appdata\roaming\spotify\spotify.exe
FirewallRules: [{8F5D7C2C-423F-49DA-8D7B-CA3874215894}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{E23E25DC-1D80-41ED-B861-2A22AF267855}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe
FirewallRules: [UDP Query User{2E7622DE-DA50-4FCB-B102-533E1576DB18}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe
StandardProfile\AuthorizedApplications: [D:\Programy\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [D:\Programy\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [D:\Programy\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [D:\Programy\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

08-03-2018 12:08:08 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/09/2018 06:30:14 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Získání lístku pravosti se u šablony s ID 66c92734-d682-4d71-983e-d6ec3f16059f nezdařilo (hr=0xC004C4A2)

Error: (03/09/2018 06:30:14 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: Stav pravosti byl u aplikace s ID 55c92734-d682-4d71-983e-d6ec3f16059f nastaven na nepravý (0x00000000).

Error: (03/09/2018 05:56:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/09/2018 12:34:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/08/2018 08:25:21 PM) (Source: VSS) (EventID: 12298) (User: )
Description: Chyba služby Stínová kopie svazku: Po dobu vytváření stínové kopie na svazku C:\ nelze uchovat vstupně-výstupní zápisy.
Index svazku v sadě stínové kopie: 0. Podrobnosti o chybě: Otevřeno[0x00000000, Operace byla dokončena úspěšně.
], Zapsáno[0x00000000, Operace byla dokončena úspěšně.
], Uvolněno[0x80042314, Časový limit zprostředkovatele stínové kopie vypršel při přidržení zápisů na svazek, jehož stínová kopie je vytvářena. To je pravděpodobně způsobeno nadměrnou aktivitou aplikace nebo systémové služby na svazku. Opakujte akci později, až dojde ke snížení aktivity na svazku.
], Spuštěno[0x00000000, Operace byla dokončena úspěšně.
].


Operace:
   Spouštění asynchronní operace

Kontext:
   Aktuální stav: DoSnapshotSet

Error: (03/08/2018 08:25:20 PM) (Source: VSS) (EventID: 12310) (User: )
Description: Chyba služby Stínová kopie svazku: Stínovou kopii nelze zapsat – časový limit operace vypršel.
Kontext chyby: DeviceIoControl(\\?\Volume{c3dd874d-52bb-11e6-8402-806e6f6e6963} - 000000000000013C,0x0053c010,000000000034E5F0,0,000000000038FFD0,4096,[0]).


Operace:
   Zápis stínových kopií

Kontext:
   Kontext spuštění: System Provider

Error: (03/08/2018 08:23:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/08/2018 08:01:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program PathOfExile_x64.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: a0c

Čas spuštění: 01d3b70078092ddb

Čas ukončení: 274

Cesta k aplikaci: C:\Program Files (x86)\Grinding Gear Games\Path of Exile\PathOfExile_x64.exe

ID hlášení:


System errors:
=============
Error: (03/09/2018 06:59:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (03/09/2018 06:59:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (03/09/2018 06:59:12 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (03/09/2018 06:59:12 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (03/09/2018 06:27:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (03/09/2018 06:27:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (03/09/2018 06:27:11 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (03/09/2018 06:27:11 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 26%
Total physical RAM: 16245.34 MB
Available physical RAM: 11994.79 MB
Total Virtual: 32488.84 MB
Available Virtual: 27323.46 MB

==================== Drives ================================

Drive c: (Fiši disk) (Fixed) (Total:232.79 GB) (Free:40.05 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.39 GB) (Free:198.17 GB) NTFS

\\?\Volume{c3dd874c-52bb-11e6-8402-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: AB779F25)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 6F66A98E)

Partition: GPT.

==================== End of Addition.txt ============================