Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18.02.2019
Ran by oldaz (18-02-2019 20:26:22)
Running from C:\Users\oldaz\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-05-20 18:32:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4190638168-695966393-593125652-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4190638168-695966393-593125652-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4190638168-695966393-593125652-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-4190638168-695966393-593125652-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4190638168-695966393-593125652-1006 - Limited - Enabled)
oldaz (S-1-5-21-4190638168-695966393-593125652-1001 - Administrator - Enabled) => C:\Users\oldaz
WDAGUtilityAccount (S-1-5-21-4190638168-695966393-593125652-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . (HKLM\...\{5F4E8D94-3947-4019-9239-D2541C9A35F2}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{7A5E4942-A527-42E6-A5FC-95109B756CA8}) (Version: 3.5.1.7 - Intel) Hidden
3DMark 11 (HKLM\...\{FD67BFA0-E205-47AA-BA09-123B3B72DB5E}) (Version: 1.0.132.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20091 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Aktualizace NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 418.81 - NVIDIA Corporation) Hidden
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.109 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{ef2ad7ab-dd41-48ed-ae53-f7fe3cd903d8}) (Version: 3.5.1.7 - Intel)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
LibreOffice 5.2.5.1 (HKLM\...\{94F6F085-DBB7-4992-8F73-2CD09D3C8670}) (Version: 5.2.5.1 - The Document Foundation)
LogMeIn Hamachi (HKLM-x32\...\{1945856D-A68E-43D3-846D-F8DFDE4A69F7}) (Version: 2.2.0.630 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.630 - LogMeIn, Inc.)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office 2016 pro profesionály - cs-cz (HKLM\...\ProfessionalRetail - cs-cz) (Version: 16.0.11231.20174 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4190638168-695966393-593125652-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 60.0.1 (x64 cs)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.1.6710 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 418.81 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 58.0.3135.65 (HKLM-x32\...\Opera 58.0.3135.65) (Version: 58.0.3135.65 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 418.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 418.81 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Tarzan (HKLM-x32\...\{68F423B1-B08A-4EFC-8414-408455443322}) (Version:  - )
The Witcher 3 Wild Hunt GOTY Edition (HKLM-x32\...\The Witcher 3 Wild Hunt GOTY Edition_is1) (Version: 1.31 - CD PROJEKT RED)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wolfenstein New Order version 1.1.0 (HKLM-x32\...\Wolfenstein New Order_is1) (Version: 1.1.0 - REPACKY BY TOMI2K9)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B0D9494-7437-476B-9379-94F9E1CD8454} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {0B8758D9-15D1-4A77-AA61-38B110076397} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {0F3A06B9-2FCE-418C-A09F-687C1632A6FE} - System32\Tasks\S-1-5-21-4190638168-695966393-593125652-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {123D9909-EEB8-4905-BEBE-607FF754F087} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {148D8D7C-C6D3-4DD2-B074-03ADFB3D986C} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {1B385351-4AB1-4B7C-855B-EAA32A6DD7DC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1BBCA3E0-0CCC-4358-A323-37C60857D7F6} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D8C696A-B1C5-41B0-ACA4-43384720C496} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {2393B780-EC8D-40FF-927E-CC5A85CC1D4C} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {23EFADAC-94C2-4462-8944-482F611A2E9C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {263578D9-8402-4A32-AC72-DCB20122F8CA} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe (ASUSTeK Computer Inc. -> AsusTek)
Task: {2FEA87ED-122F-4EB4-A977-5A4677A32C07} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {322BD32D-0D2E-4EFC-9847-F67B4D81E75F} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {41CF62E4-17B5-420A-B99A-2A15AE9A7BD1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49AB88DC-BC6B-4521-AE88-656E89946D08} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4E398286-84AB-4E12-9F85-D5F778583972} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {6A7C6DEC-B6DA-4276-A7AC-2913DFE0EC6A} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {6D33C210-B807-4B71-AF24-81EA26E01066} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {79ED3509-DDA7-48CD-978E-1C6AE1560EBE} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CD635F8-BE6C-482B-BD61-BDBEBF7D4A87} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {81A20AF1-1B23-47A0-A259-4D501421BB98} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {831513E4-83FD-41F2-B1F9-81565C036E51} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99D95878-7ACF-4629-B501-3C51C636D703} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A292AD02-63DF-4CCD-B11E-B660923DD86F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B9DD2A12-B2B0-404A-ADCB-723DD1D06984} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF69924A-7D14-4C2F-AD82-4B74F9A3EC45} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {BFE5BE11-1AB8-41F0-8D6A-17E1E87376E2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C137EF27-0486-445E-ADB1-3EEB29A2A35D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C6B7D421-6D81-46EE-A3D7-23CC2E0B7B9E} - System32\Tasks\Opera scheduled Autoupdate 1473507156 => C:\Program Files (x86)\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {D08D12AD-A5CE-48F2-B21D-0B050BCDCB82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {D26050EB-2859-40CE-9E2F-78E437907EE2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D43E6CA8-BB9D-48B7-8EF0-230F2BE1E087} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {EF245342-4F11-4A7F-9E9E-2AF30875F2AB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F075A1B5-B78C-4B1D-83E1-1379F678919E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {F1692AF1-40DA-4FC0-93FC-BDBED4508746} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F9286280-F69F-4745-A8D0-A82B82E1B5E4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FFD72202-6D5F-497A-9F00-C77099B15EB7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-02-09 13:33 - 2019-01-30 21:17 - 001315208 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000195832 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2019-02-18 16:16 - 2019-02-18 16:16 - 006885008 _____ () c:\program files\avast software\avast\defs\19021802\algo64.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000937208 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
2018-12-19 19:01 - 2018-12-19 19:01 - 002329336 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_modeler.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000282360 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\pl_agent_lib.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000578296 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_acpi_battery_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000616696 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_wifi_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000267000 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\devices_use_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000323832 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_system_power_state_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000978680 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_os_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000243960 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_winstat_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000750840 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_upnp_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000411384 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_process_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000558840 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sgx_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000665336 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sampler_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000853240 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_hw_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000636152 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_fps_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000303864 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_heartbeat_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000778488 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\sql_logger.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-11 19:49 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-11-30 21:57 - 2016-11-30 21:57 - 000401888 _____ () C:\WINDOWS\system32\igfxTray.exe
2019-02-13 14:56 - 2019-02-06 03:25 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-24 19:20 - 2018-10-24 19:21 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-02-15 19:34 - 2019-02-15 19:35 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-02-15 19:34 - 2019-02-15 19:35 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-02-15 19:34 - 2019-02-15 19:35 - 010541568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2019-02-15 19:34 - 2019-02-15 19:35 - 002933760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\skypert.dll
2019-01-18 22:15 - 2019-01-18 22:15 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-02-13 22:23 - 2019-02-13 22:23 - 000321928 _____ () C:\Program Files\AVAST Software\Avast\serialization.dll
2019-02-13 22:23 - 2019-02-13 22:23 - 000654216 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-07-11 17:24 - 2018-07-11 17:24 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2019-02-15 19:34 - 2019-02-15 19:35 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-12-19 19:01 - 2018-12-19 19:01 - 000863480 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
2018-12-19 19:01 - 2018-12-19 19:01 - 000312568 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_user_waiting_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000555768 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_events_input.dll
2018-12-19 19:01 - 2018-12-19 19:01 - 000636152 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_foreground_window_input.dll
2018-09-19 09:12 - 2018-09-19 09:12 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2019-02-14 17:35 - 2019-02-14 17:35 - 000021824 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2018-10-24 19:15 - 2019-02-18 16:29 - 000336715 _____ () C:\Users\oldaz\AppData\Roaming\System\update-client.exe
2019-02-18 16:30 - 2019-02-18 16:30 - 000000600 _____ () C:\Users\oldaz\AppData\Roaming\System\V2\SKEL\a867cd535fba4297de2ef750de02e57ef49bb633.Tls
2019-01-30 22:29 - 2019-01-30 22:29 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-30 22:29 - 2019-01-30 22:29 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-01-16 21:28 - 2019-01-16 21:29 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2017-09-30 06:14 - 2017-09-30 06:15 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-30 22:29 - 2019-01-30 22:29 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-01-30 22:29 - 2019-01-30 22:29 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-01-30 22:28 - 2019-01-30 22:29 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-30 18:50 - 2018-08-30 18:51 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-26 18:56 - 2018-07-26 18:56 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-12 19:52 - 2019-02-12 19:52 - 008562688 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1901.311.0_x64__8wekyb3d8bbwe\OneConnect.dll
2017-11-04 17:23 - 2019-01-30 21:17 - 001033096 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2019-02-14 17:35 - 2019-02-14 17:35 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2019-02-14 17:35 - 2019-02-14 17:35 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2019-01-04 20:16 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-4190638168-695966393-593125652-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\oldaz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EE56F033-8AC2-491C-9E12-AB2783BE2919}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{473D0123-7FEC-4FFE-8CD6-4232FDF6506E}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{332E9FAB-B4E3-4BC9-A660-A3FCD3A08E35}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{CEC400C8-C37C-4378-B220-85BCCC32F266}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{78A864DA-52DC-43C1-94DD-35ECB020DF8F}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn, Inc. -> LogMeIn Inc.)
FirewallRules: [{58CDD4DD-AEB4-48E4-9B36-6C801F89A49A}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn, Inc. -> LogMeIn Inc.)
FirewallRules: [{77071271-595D-4F80-8FA2-29B972583BB3}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn, Inc. -> LogMeIn Inc.)
FirewallRules: [{CA6EF3D5-1EF6-4E6B-B4BD-E3F8884AD689}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn, Inc. -> LogMeIn Inc.)
FirewallRules: [UDP Query User{14E2D7FE-A252-47C7-AF3F-005A06C7D546}C:\program files (x86)\repacky by tomi2k9\wolfenstein new order\wolfneworder_x64.exe] => (Allow) C:\program files (x86)\repacky by tomi2k9\wolfenstein new order\wolfneworder_x64.exe (MachineGames)
FirewallRules: [TCP Query User{1366DEB4-CD20-4752-8314-4AF16954AA5D}C:\program files (x86)\repacky by tomi2k9\wolfenstein new order\wolfneworder_x64.exe] => (Allow) C:\program files (x86)\repacky by tomi2k9\wolfenstein new order\wolfneworder_x64.exe (MachineGames)
FirewallRules: [UDP Query User{4930D1B3-0452-43D8-A175-0786007BBFF0}C:\program files (x86)\ubisoft\far cry 4\bin\ige_wpf64.exe] => (Allow) C:\program files (x86)\ubisoft\far cry 4\bin\ige_wpf64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [TCP Query User{784600A8-7CF2-4E3C-8691-8C4866626170}C:\program files (x86)\ubisoft\far cry 4\bin\ige_wpf64.exe] => (Allow) C:\program files (x86)\ubisoft\far cry 4\bin\ige_wpf64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{6A584764-A724-4F88-8A62-7F75AE26B191}C:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{2637C3BD-F2A4-472D-BFD2-D2064D05E328}C:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\ubisoft\far cry 4\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{5C1D1FC1-C511-4CA7-807D-A56410765533}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B816C976-05F9-47E4-9CC1-25B99231C808}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8B15721D-B4DD-41ED-A3F4-735B5B5F11C9}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{40BE318D-00E5-41C7-B994-A894B27488BB}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [UDP Query User{5B2EAB53-8735-4FEC-ABEF-9EE95F4A8E9E}C:\users\oldaz\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oldaz\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{DED624B9-2227-4EA1-AF2C-4B1D2B1E9B53}C:\users\oldaz\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oldaz\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{B6BE9FE1-0FE3-4A60-8EE8-80DDA128A5D8}C:\users\oldaz\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oldaz\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [UDP Query User{58F2071B-CBE4-4FCE-9F67-1ED04BFB8384}C:\users\oldaz\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oldaz\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.)
FirewallRules: [{4A50FB97-B56A-4134-9D78-D6B2DC767867}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C154EAC0-4FB1-4FCC-97D9-AAAB344C69C9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{386639B7-3CB2-42EB-A443-F144E96C87FA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A44C5467-ABC5-4D54-8861-C1404DC18392}] => (Allow) C:\Program Files (x86)\Opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{FD512E85-7308-4997-B7DB-4D53EA28B3F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{32661D3E-C784-4B34-9C20-1277B4FBC91B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{55A18B9B-C959-4419-87F2-A211A89E711B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{CBCEE504-1734-4EE1-81ED-8A07E5FF5FCB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{A9772627-9289-4DAC-B1C4-ADB3270844FA}] => (Allow) D:\Games\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{FE380496-D65F-4192-B3CA-3A7CF9EDF813}] => (Allow) D:\Games\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{9AD8B175-AC98-4A05-9383-70F198601484}D:\games\fifa19.exe] => (Allow) D:\games\fifa19.exe (Error3: CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Electronic Arts)
FirewallRules: [UDP Query User{03818F08-86F5-4C05-8E00-A6A23962CFBF}D:\games\fifa19.exe] => (Allow) D:\games\fifa19.exe (Error3: CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Electronic Arts)
FirewallRules: [{F2FE33F3-A21E-4F6F-B4FB-6327292ACFBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{31D12AB5-6DF1-4800-A9B2-48B363266569}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2EAE1746-AE36-4F9B-993F-5A69FB89BBE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C5312FD3-8854-4451-A2BE-79E19FB71C2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{11AD71D3-5624-42C9-8DEB-11ADB6D78EE8}] => (Allow) C:\Program Files (x86)\Opera\58.0.3135.65\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{DAEC516E-3E01-4B07-86E5-E076CF4A9DE2}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{E7ABC435-C32B-4A01-ACF0-6511A92DB4CA}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{A24C3B68-3464-4755-A125-D85ACD2DDF8B}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{71DF9969-11E3-4FE6-BD86-23B0AE071AF4}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{C0577741-88A1-4ACE-989E-FFF517065E12}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

13-02-2019 14:51:59 Windows Update
14-02-2019 17:28:18 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610

==================== Faulty Device Manager Devices =============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/18/2019 04:30:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: update-client.exe, verze: 0.0.0.0, časové razítko: 0x5bbbf659
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000003b94c2
ID chybujícího procesu: 0x2b34
Čas spuštění chybující aplikace: 0x01d4c79ee2a455cb
Cesta k chybující aplikaci: C:\Users\oldaz\AppData\Roaming\System\update-client.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: d97245e3-f50c-43b8-9e1f-1e0f280d49e4
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/18/2019 04:28:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu WmiApRpl v knihovně DLL C:\WINDOWS\system32\wbem\wmiaprpl.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (02/18/2019 04:28:36 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (02/18/2019 04:28:35 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu Lsa v knihovně DLL C:\Windows\System32\Secur32.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (02/18/2019 04:28:35 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu ESENT v knihovně DLL C:\WINDOWS\system32\esentprf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (02/18/2019 04:28:35 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu .NETFramework v knihovně DLL C:\WINDOWS\system32\mscoree.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (02/18/2019 04:15:07 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu WmiApRpl v knihovně DLL C:\WINDOWS\system32\wbem\wmiaprpl.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (02/18/2019 04:15:07 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (02/18/2019 06:55:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/18/2019 06:51:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-92SB12E)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-92SB12E\oldaz (SID: S-1-5-21-4190638168-695966393-593125652-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/18/2019 05:55:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-92SB12E)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-92SB12E\oldaz (SID: S-1-5-21-4190638168-695966393-593125652-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/18/2019 05:33:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/18/2019 05:27:28 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-92SB12E)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli DESKTOP-92SB12E\oldaz (SID: S-1-5-21-4190638168-695966393-593125652-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/18/2019 04:42:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-92SB12E)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 a APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 uživateli DESKTOP-92SB12E\oldaz (SID: S-1-5-21-4190638168-695966393-593125652-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/18/2019 04:32:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/18/2019 04:30:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Update Orchestrator Service přestala během spouštění reagovat.


Windows Defender:
===================================
Date: 2019-01-28 20:49:18.387
Description: 
Program Antivirová ochrana v programu Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.15600.4
Předchozí verze modulu: 1.1.14500.5
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80004004
Popis chyby: Operace přerušena 

Date: 2018-05-26 12:04:32.395
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.261.310.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14500.5
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru. 

Date: 2018-05-26 12:04:32.395
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.261.310.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14500.5
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru. 

Date: 2018-05-26 12:04:32.394
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.261.310.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14500.5
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru. 

Date: 2018-05-26 12:04:32.119
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.261.310.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14500.5
Kód chyby: 0x800704cf
Popis chyby :Umístění v síti není dosažitelné. Informace týkající se řešení problémů se sítěmi naleznete v Nápovědě systému Windows. 

CodeIntegrity:
===================================

Date: 2018-11-17 20:50:12.287
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Opera\56.0.3051.99\opera.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_f9209c020158b9d9\nvinit.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-17 15:41:18.728
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Opera\56.0.3051.99\opera.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_f9209c020158b9d9\nvinit.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-17 14:39:22.311
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Opera\56.0.3051.99\opera.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_f9209c020158b9d9\nvinit.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-17 14:01:36.599
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_f9209c020158b9d9\nvinitx.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-17 13:25:21.010
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Opera\56.0.3051.99\opera.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_f9209c020158b9d9\nvinit.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-16 22:08:15.396
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Opera\56.0.3051.99\opera.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_f9209c020158b9d9\nvinit.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-15 22:39:48.572
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Opera\56.0.3051.99\opera.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_f9209c020158b9d9\nvinit.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-15 21:08:39.897
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_f9209c020158b9d9\nvinitx.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 42%
Total physical RAM: 8075.29 MB
Available physical RAM: 4679.4 MB
Total Virtual: 9355.29 MB
Available Virtual: 5308.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:196.74 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:356.56 GB) NTFS
Drive f: (TERROR755) (Removable) (Total:3.62 GB) (Free:3.61 GB) FAT32

\\?\Volume{52506ffe-c626-4cb7-a83c-bdc8662d054d}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.58 GB) NTFS
\\?\Volume{e2ff85f2-23c1-4b1e-9d58-22b430c8cffa}\ (Restore) (Fixed) (Total:15.01 GB) (Free:4.32 GB) NTFS
\\?\Volume{a3ede530-1d93-4edb-ae21-5c27cb2267b1}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 3.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=3.6 GB) - (Type=0C)

==================== End of Addition.txt ============================