Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Martin (27-08-2018 17:37:08)
Running from F:\
Windows 7 Professional Service Pack 1 (X64) (2016-12-17 15:57:03)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4198378926-2468882242-2286024969-500 - Administrator - Disabled)
Guest (S-1-5-21-4198378926-2468882242-2286024969-501 - Limited - Disabled)
Martin (S-1-5-21-4198378926-2468882242-2286024969-1000 - Administrator - Enabled) => C:\Users\Martin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS B15.0630.1 (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE) Hidden
@BIOS B15.0630.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Aktualizace NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
APP Center (HKLM-x32\...\{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.17.0801 - Gigabyte) Hidden
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.17.0801 - Gigabyte)
ArcSoft MediaConverter 8 (HKLM-x32\...\{936FA6E0-8A87-4A03-8004-138AB7A97637}) (Version: 8.0.0.16 - ArcSoft, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 68.0.746.59 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bullzip PDF Printer 10.4.0.2240 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.4.0.2240 - Bullzip)
BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.14.0819.1 -  GIGABYTE)
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0221 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 17.300 (20170323_18) - CÍGLER SOFTWARE, a.s.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Firefox Backup Tool version 1.0 (HKLM-x32\...\{436F639D-D59B-455E-92FC-8346FEF8E571}_is1) (Version: 1.0 - firefox64bit.com)
Frostpunk (HKLM-x32\...\Frostpunk_is1) (Version:  - )
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HappyFoto-Designer 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version:  - )
HP LaserJet Pro MFP M125-M126 (HKLM-x32\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 15.0.15309.1315 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{83D9E6C0-5F20-49B4-9ACF-80A24A1A045D}) (Version: 12.9.18.3 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDXP (HKLM-x32\...\{0BFDA228-F4D0-42C0-90B2-8C47F147AEB1}) (Version: 3.0.26.59 - HP) Hidden
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJProMFPM125M126 (HKLM-x32\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM-x32\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{7504A7B0-003E-4875-A454-B627E127E9D9}) (Version: 100.040.00218 - Hewlett Packard) Hidden
hpStatusAlertsM125-M126 (HKLM-x32\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Network Connections 21.1.29.0 (HKLM\...\PROSetDX) (Version: 21.1.29.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.4.65 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}) (Version: 10.0.26 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
K-Lite Mega Codec Pack 13.6.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.6.0 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Rotator version 2.0.1 (HKLM-x32\...\{1D2DBEF4-FF54-4E64-971E-8EE1E9585BB6}_is1) (Version: 2.0.1 - Chris Pearce)
Mozilla Firefox 61.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 61.0.2 (x64 cs)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.2.6793 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My.com Game Center (HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\MyComGames) (Version: 3.198 - My.com B.V.)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.21.179 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.77 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.16.0822 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.16.0822 - GIGABYTE)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.6.58388 - Electronic Arts)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
TomTom MyDrive Connect 4.1.6.3253 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.6.3253 - TomTom)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VTuner (HKLM-x32\...\{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.15.0626 - GIGABYTE) Hidden
VTuner (HKLM-x32\...\InstallShield_{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.15.0626 - GIGABYTE)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.3 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {022F06B7-8E73-440C-B83B-097C960A279B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {109DA2CF-302A-4559-A944-0D445D45AEE0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-26] (AVAST Software)
Task: {1880624C-8653-47C7-A61C-7FBE5E6B06AE} - System32\Tasks\{7AD3E5BB-EBA9-0406-7C09-B86B1A289053} => C:\Users\Martin\AppData\Local\eIqvkvuHzys.exe
Task: {27484585-BB30-4A28-A41E-4C7591DA0E03} - System32\Tasks\Hybrid => C:\IORRT\IORRT.bat
Task: {27817703-1602-4A36-BD99-B4C2B9D3FF9B} - System32\Tasks\{5C8ED5D3-1585-C910-1176-0764E3EF262B} => "C:\Program Files\Mozilla Firefox\firefox.exe" newcityinworld.ru/cl/?guid=k7kjjiglc67r8d2l5zqor04rdhm6iytt&prid=1&pid=4_1408_0
Task: {2BAD83F8-5232-436F-B643-F58ECA17A051} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {2C713754-3305-4506-B1B1-E578F4B5CBE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {2D15345D-EDE1-43D8-9C72-B299E6CADA4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {2DF2D7B8-E08B-49C2-8D6F-1C0334BB5D12} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-01] (Piriform Ltd)
Task: {2F375588-865D-4525-BE2F-4BD39129BB33} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-10-18] ()
Task: {53A3E3EB-0317-442C-AADB-71DCB9586087} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {5897B93D-CB66-4238-B8DF-D96C154B6035} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {6A673136-EC87-43BB-A504-1C10EEC1D0D7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-08-17] (AVAST Software)
Task: {75D112E0-1F9F-4B06-AC47-8574CC8CEB49} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-17] (Adobe Systems Incorporated)
Task: {7DFFB49E-705E-4628-8C83-F99BB41B0756} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)
Task: {97D2A660-0186-43C9-9A50-3997D127BFBF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A70F9072-9039-443E-855F-81C68D97A18E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
Task: {A87F37C9-9CA4-4F8F-9BDA-56067C6FF948} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-17] (Adobe Systems Incorporated)
Task: {B91744E4-0B84-4D86-A03D-F67E8E795B14} - System32\Tasks\{11166195-271D-83AF-E8AE-306531F2E5C4} => C:\Program Files (x86)\AauaIyI.exe [2009-07-14] (Microsoft Corporation) <==== ATTENTION
Task: {CBC87390-CA9B-4383-8770-AFC4856FCBFC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {E1B7EE3E-48EB-40A3-9194-FB1378E92936} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-01] (Piriform Ltd)
Task: {E3C22E1D-C02A-475E-8A23-77198664436F} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {E7F4F8C6-9411-4F7B-B510-1124F4946B50} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)
Task: {F765A8B3-7A45-43D5-AD58-56569181C295} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Martin\Desktop\adwcleaner_7.2.2.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Public\Desktop\Firefox Backup Tool.lnk -> C:\Program Files (x86)\Firefox Backup Tool\FirefoxBackupTool.exe ()

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7881 more sites.

IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\...\123simsen.com -> www.123simsen.com

There are 7881 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-08-27 17:24 - 000000841 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4198378926-2468882242-2286024969-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E58AA5BA-EA98-408F-B36E-AC3606AFB078}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F39C84F2-C232-41BD-B918-0DFDDE0481A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{61CF27F9-1379-480C-88D4-E080A0CBBEA6}] => (Allow) D:\Hry\Steam\Steam.exe
FirewallRules: [{E1974930-D21E-4C84-99C8-AF920EF03909}] => (Allow) D:\Hry\Steam\Steam.exe
FirewallRules: [{F168F92A-A80A-432E-BFB6-CA51058731CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{260E9803-5474-4D8D-8E68-3A082A3BF785}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{ADBE7692-FDD6-4221-92D7-D6B5586281E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DD24BB77-4612-40AD-81BD-94F6AAADB359}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{123C60DE-5CE5-4B64-88EB-15ED2CD5CD8A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{DC13FE79-B31D-4674-AAE2-0339CD629373}D:\hry\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\hry\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{AFC9F904-9624-4093-A7A8-B1F3A0819F73}D:\hry\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\hry\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [{1804EBF0-7069-48BB-91BD-EF671D06C0BA}] => (Allow) D:\Hry\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{6A29BBAA-F686-4A9A-A018-0ED3C8C6BD8B}] => (Allow) D:\Hry\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{C6BD70F9-EF42-414E-B3AE-6407D0215C51}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{059F0160-C8F5-40C0-9B99-DA4F5A0FA714}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe
FirewallRules: [TCP Query User{78B90F8F-F7AB-4FB1-90E3-AFC36C502506}D:\hry\diablo iii\diablo iii.exe] => (Allow) D:\hry\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{F7903EC5-9E27-4265-B5AB-1B815B4311A9}D:\hry\diablo iii\diablo iii.exe] => (Allow) D:\hry\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{7EDFA986-06A0-468E-AF4D-81486D4659DE}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe
FirewallRules: [UDP Query User{AA285D24-B6F9-46E5-8B08-7467409A4DE3}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe
FirewallRules: [TCP Query User{89E63342-1A17-4859-8455-85864FA1883A}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{CE57516E-A22B-4DB1-9BC6-733B00C726C8}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe
FirewallRules: [{199B97F6-AF86-4246-BCFB-705373A8265C}] => (Allow) D:\Hry\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{6F07CF26-1BC0-426A-80E6-4632B8FF5F32}] => (Allow) D:\Hry\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{7E72F7C0-1367-4EAD-B8C6-27F34439FD95}] => (Allow) D:\Hry\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{7CBAD6A9-B475-42E1-AD5D-83648B25A83D}] => (Allow) D:\Hry\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{37912C49-6A00-40D2-9DBC-B169828873EF}] => (Allow) D:\Hry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{FF2B0308-3A1E-42D5-9172-25A16056EA9E}] => (Allow) D:\Hry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{05DE4A44-992D-4F59-8887-ABC4144884D7}] => (Allow) D:\Hry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{5ABAC5CC-C713-41BC-92AC-054955DBE0A6}] => (Allow) D:\Hry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{780F26DB-2545-4FA8-96B7-85149AB857EA}C:\users\martin\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\martin\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{29CC2411-2F60-4B88-AAB8-7EE15F87AD34}C:\users\martin\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\martin\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{D8C51351-11C7-42BE-A9D7-0A00C615464B}] => (Allow) D:\Hry\Steam\steamapps\common\Fortify\Fortify.exe
FirewallRules: [{FDD4B8A4-FF1B-4235-87BD-A70DB8C82EC4}] => (Allow) D:\Hry\Steam\steamapps\common\Fortify\Fortify.exe
FirewallRules: [TCP Query User{7C65E550-23FE-470E-8483-7628A48B5664}D:\programy\smart view\smart view.exe] => (Allow) D:\programy\smart view\smart view.exe
FirewallRules: [UDP Query User{8973D65E-3510-4F20-9D71-2994C99833C5}D:\programy\smart view\smart view.exe] => (Allow) D:\programy\smart view\smart view.exe
FirewallRules: [{284CC41E-B262-4745-8EF3-CC156AE8467C}] => (Allow) D:\Hry\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{9DE22E47-977A-4FBF-BEC6-E204FEBB8515}] => (Allow) D:\Hry\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{736A82A6-415B-4B19-8FF6-5F3CD78EA5CE}] => (Allow) D:\Hry\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{6D57A78B-9FB6-4719-8383-1806D117FADE}] => (Allow) D:\Hry\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{C02173BC-E9E5-4CA7-AB97-4C6C016F2086}] => (Allow) D:\Programy\MyDrive Connect\TomTom MyDrive Connect.exe
FirewallRules: [TCP Query User{738F06E8-C6A1-49A5-B0CD-37311B2D930B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{48256A99-658D-4694-8B55-4CA5DBFD648C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{A2AF156E-F709-40B8-B61F-AD6522B8BB98}C:\program files (x86)\gigabyte\appcenter\gbupdate.exe] => (Allow) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe
FirewallRules: [UDP Query User{A270CCDE-E12D-4C97-BF77-FA74063CFB4B}C:\program files (x86)\gigabyte\appcenter\gbupdate.exe] => (Allow) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe
FirewallRules: [{478EA716-F045-4335-9339-FF325AEB8AD0}] => (Allow) LPort=3935
FirewallRules: [TCP Query User{C4E8EF26-383E-42AC-BDC5-F851C6501E72}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe
FirewallRules: [UDP Query User{D192287B-D9E3-4FB9-8E51-3A5A31209A8E}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe
FirewallRules: [{7BAD8ED0-C50A-4FCA-A9B1-2056E7AD5D79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0CB65883-4516-49FE-8C98-85C9362AE278}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D5B1A5DE-802E-4E3A-97F9-222F7451C74E}] => (Allow) D:\Hry\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [TCP Query User{7EE4BAE0-C769-41CB-9B2F-02B4F84F7636}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [UDP Query User{BD297D11-1F6A-481C-ACC1-84F463F4BE18}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{87DC32A4-6384-49CE-BBAA-ED05E10FFC5D}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [UDP Query User{AF9632B2-0854-4A9F-8F77-9A05E520D901}C:\program files\java\jre1.8.0_171\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [{80846298-1A6B-463A-B844-7FDB800F1360}] => (Allow) D:\Hry\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe
FirewallRules: [{2BC04B09-60FA-43EF-9AAE-BF0B284C6F9B}] => (Allow) D:\Hry\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe
FirewallRules: [{BAC66355-9BD3-43FC-B6D5-41255AAF3A8C}] => (Allow) D:\Hry\STAR WARS Battlefront II\starwarsbattlefrontii.exe
FirewallRules: [{0F1763BB-8859-4964-9F45-71A906FBFB76}] => (Allow) D:\Hry\STAR WARS Battlefront II\starwarsbattlefrontii.exe
FirewallRules: [{4FADBAD7-3CA1-479D-A01E-DB2829ADCDC6}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{155D7F18-7548-41DF-BCA6-1EF8D87BA65C}] => (Allow) D:\Hry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{610E651E-FF9E-413B-8766-7C116BE9932F}] => (Allow) D:\Hry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{A69C5359-1303-4F74-A679-CC1C0E3BD77A}] => (Allow) D:\Hry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{05886B2E-8B80-4320-803C-C73D67AE8AFB}] => (Allow) D:\Hry\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9BE9BE07-BDB4-41E7-9D4E-89E9F2B9657A}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{763639E6-320A-47CA-B7CC-6915B56BEC19}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{89BC2F79-32C4-4E64-B9F6-79DC31595E90}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{A2E8154B-E593-463A-9BB2-46A0C73F1D4F}] => (Allow) C:\Users\Martin\AppData\Local\eIqvkvuHzys.exe
FirewallRules: [{2C38F5C3-1337-4E8C-B2D1-561EA83A1564}] => (Allow) C:\Program Files (x86)\AauaIyI.exe
FirewallRules: [{77D74950-67C7-4E2A-B318-88DD4AE947CC}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{8A1F2C2A-32E9-4478-AE4B-535B94DF78D5}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{3BAEFA13-7E6F-46D7-BA93-BEAF09F8D2BB}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{D0ED722E-A23A-4D0C-8F7B-C8E5EF1C8CF7}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{53B21D85-6A5A-40AC-A00F-18DAFF50A710}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [TCP Query User{A12ABD32-15F8-49C6-8D65-0B826355D3C7}C:\program files\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [UDP Query User{3418742E-F0FC-429E-BA9A-4C5FB659F0FF}C:\program files\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [{FBF4B697-1C93-4D5B-BE59-390E888D95EC}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{26E2254A-9B07-4D5E-BBB6-0A7AD3F1525B}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [TCP Query User{FBDE53AB-D523-409C-8F26-2AEA671D0147}C:\program files\java\jre1.8.0_181\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [UDP Query User{A49D090E-C9CA-4F9B-9FCC-61FE51CDD411}C:\program files\java\jre1.8.0_181\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [{01E647D1-30CC-401D-801F-847B2686E34C}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{B591527D-F957-4719-888D-9B8884430344}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{557177F0-7FD2-458D-B845-E076E79AB607}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C012D28E-7156-403A-8A1D-F34BDAEED400}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{5503448B-DA3D-4BDB-BDCD-051FC7484BA9}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{F6950A72-5692-49B8-AA93-083E4EF7D62E}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{1EB2F588-302B-4A2F-ABE1-8F97AA2E3BCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FC40CDDD-14A7-48F4-BE81-0F2113DC606F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{60D28E1B-5B42-4818-B359-95D831DBCED1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{74D03C63-9DDD-4534-9BDF-0A2586A86335}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E20C718D-1103-49CB-BEBA-8EE27860D422}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{4B4179A9-C508-41A7-B7C6-863F05B66327}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{18914307-29C8-4E5C-B1CB-EAD831EE959B}] => (Allow) C:\Windows\SysWOW64\svchost.exe
FirewallRules: [{3F611CE4-FE55-4457-BA5E-59E2E627336B}] => (Allow) C:\Windows\SysWOW64\svchost.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: avast! Revert
Description: avast! Revert
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: avast! VM Monitor
Description: avast! VM Monitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/27/2018 05:37:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/27/2018 05:24:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/27/2018 05:02:35 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/27/2018 04:52:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/27/2018 04:49:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/27/2018 04:41:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/27/2018 04:36:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (08/26/2018 10:06:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (08/27/2018 05:35:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby: 
Nepodařilo se zahájit  závislou službu nebo skupinu.

Error: (08/27/2018 05:35:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby: 
Nepodařilo se zahájit  závislou službu nebo skupinu.

Error: (08/27/2018 05:35:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby: 
Nepodařilo se zahájit  závislou službu nebo skupinu.

Error: (08/27/2018 05:35:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby: 
Nepodařilo se zahájit  závislou službu nebo skupinu.

Error: (08/27/2018 05:35:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby: 
Nepodařilo se zahájit  závislou službu nebo skupinu.

Error: (08/27/2018 05:35:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby: 
Nepodařilo se zahájit  závislou službu nebo skupinu.

Error: (08/27/2018 05:35:42 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1084 = Tuto službu nelze spustit v nouzovém režimu.  při pokusu o spuštění služby WSearch s argumenty  za účelem spuštění serveru:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (08/27/2018 05:35:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby: 
Nepodařilo se zahájit  závislou službu nebo skupinu.


CodeIntegrity:
===================================

Date: 2017-10-28 20:51:51.797
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-10-28 20:51:51.747
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-10-28 20:51:51.677
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-10-28 20:51:51.627
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-10-28 20:51:51.567
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-10-28 20:41:51.915
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-10-28 20:41:51.865
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-10-28 20:41:51.805
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4570S CPU @ 2.90GHz
Percentage of memory in use: 9%
Total physical RAM: 8141.2 MB
Available physical RAM: 7330.88 MB
Total Virtual: 16280.54 MB
Available Virtual: 15514.92 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:172.05 GB) NTFS
Drive d: (Data) (Fixed) (Total:1863.02 GB) (Free:924.24 GB) NTFS
Drive f: (CORSAIR) (Removable) (Total:3.74 GB) (Free:3.73 GB) FAT32

\\?\Volume{d7115f43-c470-11e6-b7da-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 2489B755)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: ACC5A42F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 3.8 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0B)

==================== End of Addition.txt ============================