Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-08-2017
Ran by monik (07-08-2017 21:52:11)
Running from C:\Users\monik\Downloads
Windows 10 Home Version 1703 (X64) (2017-07-11 09:58:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1334476022-1534162846-687786227-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1334476022-1534162846-687786227-503 - Limited - Disabled)
Guest (S-1-5-21-1334476022-1534162846-687786227-501 - Limited - Disabled)
joker (S-1-5-21-1334476022-1534162846-687786227-1002 - Limited - Enabled) => C:\Users\joker
monik (S-1-5-21-1334476022-1534162846-687786227-1001 - Administrator - Enabled) => C:\Users\monik

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.07.2004 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3027 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3007 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated)
Aktualizácie NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
AlphaGo (HKLM-x32\...\{7DD59459-36DB-4CD0-BF2B-DC407E88544C}) (Version: 1.1.9 - AlphaGo) <==== ATTENTION
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Asistent pri inovácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17376 - Microsoft Corporation)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.12.0 - Dashlane, Inc.)
ELAN HIDI2C Filter Driver X64 13.6.5.2_WHQL (HKLM\...\Elantech) (Version: 13.6.5.2 - ELAN Microelectronic Corp.)
Google Chrome (HKU\S-1-5-21-1334476022-1534162846-687786227-1001\...\Google Chrome) (Version: 60.0.3112.90 - Spoločnosť Google Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-1334476022-1534162846-687786227-1001\...\HearthstoneDeckTracker) (Version: 1.3.6 - HearthSim)
Innkeeper (HKU\S-1-5-21-1334476022-1534162846-687786227-1001\...\Innkeeper) (Version: 0.4.7 - Curse Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{61a0f1f5-c77e-4992-ba85-029f93cd8d18}) (Version: 10.1.1.27 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Malwarebytes verzia 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
memoQ 2015 (HKLM-x32\...\{02493572-ba7f-4e14-9669-d4f3ca7e6734}_is1) (Version:  - Kilgray)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1334476022-1534162846-687786227-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA Grafický ovládač 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.106.20.0 - Overwolf Ltd.)
Ovládací panel NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10299 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.191 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Shotcut (HKLM-x32\...\Shotcut) (Version:  - )
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version:  - videowinsoft.com)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1334476022-1534162846-687786227-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\monik\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (GoogleInc.)
CustomCLSID: HKU\S-1-5-21-1334476022-1534162846-687786227-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\monik\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (GoogleInc.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (AcerIncorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (AcerIncorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (AcerIncorporated)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\System32\EhStorShell.dll [2017-03-19] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (AcerIncorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (AcerIncorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (AcerIncorporated)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Windows Defender\ShellExt.dll [2017-03-19] (MicrosoftCorporation)
ContextMenuHandlers1: [MemoQContextMenu] -> {E81E9F62-F62B-49BE-8F07-FA55E1C231EE} => C:\Program Files (x86)\Kilgray\memoQ-2015\MemoQContextMenu.dll [2017-01-16] (Kilgray)
ContextMenuHandlers1: [ModernSharing] -> {e2bf9676-5f8f-435c-97eb-11607a5bedf7} => C:\WINDOWS\system32\ntshrui.dll [2017-03-19] (MicrosoftCorporation)
ContextMenuHandlers1: [Open With] -> {09799AFB-AD67-11d1-ABCD-00C04FC30936} => C:\WINDOWS\system32\shell32.dll [2017-07-28] (MicrosoftCorporation)
ContextMenuHandlers1: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\WINDOWS\system32\ntshrui.dll [2017-03-19] (MicrosoftCorporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (AlexanderRoshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (AlexanderRoshal)
ContextMenuHandlers1-x32: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => C:\Windows\System32\WorkfoldersShell.dll [2017-03-19] (MicrosoftCorporation)
ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ContextMenuHandlers2: [EnhancedStorageShell] -> {2854F705-3548-414C-A113-93E27C808C85} => C:\Windows\System32\EhStorShell.dll [2017-03-19] (MicrosoftCorporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Windows Defender\ShellExt.dll [2017-03-19] (MicrosoftCorporation)
ContextMenuHandlers2: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\WINDOWS\system32\ntshrui.dll [2017-03-19] (MicrosoftCorporation)
ContextMenuHandlers3: [CopyAsPathMenu] -> {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} => C:\WINDOWS\system32\shell32.dll [2017-07-28] (MicrosoftCorporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers3: [SendTo] -> {7BA4C740-9E81-11CF-99D3-00AA004AE837} => C:\WINDOWS\system32\shell32.dll [2017-07-28] (MicrosoftCorporation)
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Windows Defender\ShellExt.dll [2017-03-19] (MicrosoftCorporation)
ContextMenuHandlers4: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\WINDOWS\system32\ntshrui.dll [2017-03-19] (MicrosoftCorporation)
ContextMenuHandlers4: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => C:\Windows\System32\WorkfoldersShell.dll [2017-03-19] (MicrosoftCorporation)
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxDTCM.dll [2017-02-08] (IntelCorporation)
ContextMenuHandlers5: [New] -> {D969A300-E7FF-11d0-A93B-00A0C90F2719} => C:\WINDOWS\system32\shell32.dll [2017-07-28] (MicrosoftCorporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-02] (NVIDIACorporation)
ContextMenuHandlers5: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\WINDOWS\system32\ntshrui.dll [2017-03-19] (MicrosoftCorporation)
ContextMenuHandlers5: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => C:\Windows\System32\WorkfoldersShell.dll [2017-03-19] (MicrosoftCorporation)
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ContextMenuHandlers6: [Library Location] -> {3dad6c5d-2167-4cae-9914-f99e41c12cfa} => C:\WINDOWS\system32\shell32.dll [2017-07-28] (MicrosoftCorporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [PintoStartScreen] -> {470C0EBD-5D73-4d58-9CED-E91E22E23282} => C:\Windows\System32\appresolver.dll [2017-07-12] (MicrosoftCorporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (AlexanderRoshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (AlexanderRoshal)
ContextMenuHandlers6-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (MicrosoftCorporation)
ContextMenuHandlers1_S-1-5-21-1334476022-1534162846-687786227-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ContextMenuHandlers4_S-1-5-21-1334476022-1534162846-687786227-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)
ContextMenuHandlers5_S-1-5-21-1334476022-1534162846-687786227-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Users\monik\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll [2017-07-26] (MicrosoftCorporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {003F51E9-D157-4F2F-9411-AB203E4857DB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\WINDOWS\system32\usoclient.exe [2017-03-19] (MicrosoftCorporation)
Task: {05C35C43-30B0-478C-A045-7452BCE45E4E} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\WINDOWS\system32\defrag.exe [2017-03-19] (MicrosoftCorp.)
Task: {0C518199-F01B-42CF-9CB7-16710B002812} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\WINDOWS\system32\MDMAgent.exe [2017-03-19] (MicrosoftCorporation)
Task: {0CC2C164-C391-4AE1-AC44-61014D23FC1F} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization => C:\WINDOWS\system32\defrag.exe [2017-03-19] (MicrosoftCorp.)
Task: {0D7652DE-EBE6-456F-834E-74171C2C1769} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [2017-03-18] (MicrosoftCorporation)
Task: {0E6680C4-65BD-4498-86A8-0291850EC248} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2017-06-20] (MicrosoftCorporation)
Task: {1C2F3985-BDFB-4F33-BFE9-D5FDED4978C7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\WINDOWS\system32\usoclient.exe [2017-03-19] (MicrosoftCorporation)
Task: {21E476EF-1BFA-4915-A4EB-A929B78DE20A} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-07-30] (AcerIncorporated)
Task: {240478A4-B7D2-43B1-AF21-626C77E72C1F} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\WINDOWS\system32\disksnapshot.exe [2017-03-19] (MicrosoftCorporation)
Task: {2532DB2F-A598-4946-BA1F-6EBE9D19C34C} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\WINDOWS\System32\WindowsActionDialog.exe [2017-03-19] (MicrosoftCorporation)
Task: {2DD0F44B-098A-4789-BA9A-5F16C670D0A8} - System32\Tasks\Cotegeploders System => C:\Program Files (x86)\Phaderplemaing\xstiesh.exe [2017-03-20] (GlarysoftLtd)
Task: {2FDDBFDB-0925-420A-81D9-C56B98B26330} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install => C:\WINDOWS\system32\usoclient.exe [2017-03-19] (MicrosoftCorporation)
Task: {33C04DDB-DE68-4033-8570-ADDDBFF99E1B} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\WINDOWS\System32\WiFiTask.exe [2017-03-19] (MicrosoftCorporation)
Task: {3AEEF4D4-C4A8-42A1-8A1E-80CA054C2E9C} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\WINDOWS\system32\srtasks.exe [2017-03-19] (MicrosoftCorporation)
Task: {3EA82649-A360-4898-A6FB-C273024D1364} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\WINDOWS\System32\wpcmon.exe [2017-03-19] (MicrosoftCorporation)
Task: {4051EB0B-2917-432F-B9F9-431C7E3C9181} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\WINDOWS\system32\RAServer.exe [2017-03-19] (MicrosoftCorporation)
Task: {47A409A8-49A6-4E86-BFDD-19C1DCE49036} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (AppleInc.)
Task: {4A5D4628-E32A-4422-9B01-D37DD4C1CE75} - System32\Tasks\Microsoft\Windows\WwanSvc\NotificationTask => C:\WINDOWS\System32\WiFiTask.exe [2017-03-19] (MicrosoftCorporation)
Task: {4B6926D3-D490-4D93-82CE-D109F1D1BC80} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\WINDOWS\System32\sihclient.exe [2017-07-28] (MicrosoftCorporation)
Task: {50824E8D-DB22-4ADA-AAC7-40D0C8A58290} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1334476022-1534162846-687786227-1001 => C:\Users\monik\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2017-07-26] (MicrosoftCorporation)
Task: {52828324-DC08-413D-9603-4794FA6C8CE7} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-06-25] (AcerIncorporated)
Task: {52C4776E-11B1-402C-A230-0A0306A146C4} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\WINDOWS\System32\wsqmcons.exe [2017-03-19] (MicrosoftCorporation)
Task: {58064544-AA46-4D91-A79C-98E3C4209AED} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2016-06-25] ()
Task: {58F9BA16-B323-4236-BF1F-31D8C5ED3E77} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-07-30] (AcerIncorporated)
Task: {5BC5A21F-4785-41A6-B4B1-62FB9B08FABD} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\WINDOWS\System32\dsregcmd.exe [2017-03-19] (MicrosoftCorporation)
Task: {5C326114-085E-444C-9B7A-D3E2E59C549E} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\WINDOWS\system32\devicecensus.exe [2017-06-20] (MicrosoftCorporation)
Task: {5D81326C-D6EC-49A0-AAB5-D8A874E06E83} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2017-06-20] (MicrosoftCorporation)
Task: {6772AC65-7600-4DF2-9BD5-F17292FAAE4B} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\WINDOWS\system32\speech_onecore\common\SpeechModelDownload.exe [2017-03-19] (MicrosoftCorporation)
Task: {70E0A093-79B7-461E-A9C7-B67CD7B1511E} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\WINDOWS\system32\dmclient.exe [2017-03-19] (MicrosoftCorporation)
Task: {748C94C7-75DA-4F33-A8FC-C5C6C3F4F613} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] ()
Task: {75307AE9-B1F8-4DF9-A0F1-8C53C5892328} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\MpCmdRun.exe [2017-06-20] (MicrosoftCorporation)
Task: {777C9662-CAF7-4002-B440-F85F73B2FE80} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-08-02] (OverwolfLTD)
Task: {77A44072-06DB-42BD-967F-CAE5E435E23E} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-06-25] ()
Task: {799AC654-A37D-49AA-B0F3-433D7D5EBBD9} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\WINDOWS\System32\WiFiTask.exe [2017-03-19] (MicrosoftCorporation)
Task: {7ED2E1CC-142E-4B2E-878A-CF7344C0F0CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\MpCmdRun.exe [2017-06-20] (MicrosoftCorporation)
Task: {829C695F-E874-432A-9A9F-7862D04236B9} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\WINDOWS\system32\dstokenclean.exe [2017-03-19] (MicrosoftCorporation)
Task: {87488988-70F6-44C5-A1BD-E328BE17C205} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\WINDOWS\system32\appidpolicyconverter.exe [2017-03-19] (MicrosoftCorporation)
Task: {88209412-5377-4AA1-B01E-F5D5A6F39E21} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\WINDOWS\system32\SpaceAgent.exe [2017-03-19] (MicrosoftCorporation)
Task: {88E18EB0-E633-47C9-8FE5-84CEAB8F5EF7} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\WINDOWS\system32\AppHostRegistrationVerifier.exe [2017-03-19] (MicrosoftCorporation)
Task: {896ED842-4861-49E9-A2C1-0AE31689F876} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\WINDOWS\system32\ClipUp.exe [2017-03-19] (MicrosoftCorporation)
Task: {8EE52AD7-9F81-40D3-AE0C-9F5DB09BC56F} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\WINDOWS\system32\cleanmgr.exe [2017-03-19] (MicrosoftCorporation)
Task: {936FF605-A684-4476-8E62-E051A903B3D3} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\WINDOWS\system32\tzsync.exe [2017-03-19] (MicrosoftCorporation)
Task: {938954E2-DAFB-4BCD-8740-6AC11EBFE13C} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\WINDOWS\system32\appidcertstorecheck.exe [2017-03-19] (MicrosoftCorporation)
Task: {9567E270-199F-4972-89A3-D7F6816C5917} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\WINDOWS\system32\usoclient.exe [2017-03-19] (MicrosoftCorporation)
Task: {98C31104-1974-4091-B83E-85066BA192D2} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2017-03-20] (MicrosoftCorporation)
Task: {9CF304F4-4D08-4DBB-A568-102240A2160B} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe [2017-03-19] (MicrosoftCorporation)
Task: {A0252F45-2922-43BA-9E93-3FAA5757F0EF} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\WINDOWS\System32\XblGameSaveTask.exe [2017-03-19] (MicrosoftCorporation)
Task: {A0706235-8806-4EAB-9E73-5EF4AE021D66} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (PiriformLtd)
Task: {AC83B3D5-DB15-42B3-B2AE-781B0AACFBED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\MpCmdRun.exe [2017-06-20] (MicrosoftCorporation)
Task: {AEE271E9-F669-4E26-94FD-36F3313A4D5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe [2017-06-20] (MicrosoftCorporation)
Task: {B0B01AAA-FF6C-4441-B75E-44A24B0B37CD} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\WINDOWS\System32\dusmtask.exe [2017-03-19] (MicrosoftCorporation)
Task: {B5EA650A-8EE9-4BA5-BAA0-2A8ACE00500D} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\WINDOWS\system32\spaceman.exe [2017-03-19] (MicrosoftCorporation)
Task: {BCB40FB9-5A69-4E59-966C-A89EB6B17A48} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1334476022-1534162846-687786227-1001UA => C:\Users\monik\AppData\Local\Google\Update\GoogleUpdate.exe [2017-01-28] (GoogleInc.)
Task: {BCC432F2-7A57-4195-881F-9013CF46F613} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\WINDOWS\system32\lpremove.exe [2017-03-19] (MicrosoftCorporation)
Task: {BD69C6ED-AD55-467C-B787-533200C3B376} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\WINDOWS\System32\XblGameSaveTask.exe [2017-03-19] (MicrosoftCorporation)
Task: {C05E2FFD-7D0D-4F6B-952B-A3318F829D19} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\WINDOWS\system32\ProvTool.exe [2017-03-19] (MicrosoftCorporation)
Task: {C162FF56-952F-4ABA-AE13-AA8CB0F4C087} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\WINDOWS\System32\drvinst.exe [2017-03-19] (MicrosoftCorporation)
Task: {C165688B-08AC-44B0-83BF-E45DDEAF5F28} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1334476022-1534162846-687786227-1001Core => C:\Users\monik\AppData\Local\Google\Update\GoogleUpdate.exe [2017-01-28] (GoogleInc.)
Task: {C42799B6-75B2-42CF-8197-3BE332E05553} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\WINDOWS\system32\usoclient.exe [2017-03-19] (MicrosoftCorporation)
Task: {C4B7570F-1CD1-4793-A825-74CD691DD190} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {C53D54BC-1CF1-4819-8276-1694DADC49C1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2017-06-20] (MicrosoftCorporation)
Task: {C97B639A-C1BF-4E0C-ACFD-CF5B27B65B3C} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\WINDOWS\system32\wermgr.exe [2017-03-19] (MicrosoftCorporation)
Task: {CDC553D2-B5AD-4AF3-BB6D-5AA47466C1F9} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\WINDOWS\system32\ProvTool.exe [2017-03-19] (MicrosoftCorporation)
Task: {CFE9501D-B60F-45DB-B48F-19C572F7F30E} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\WINDOWS\system32\AppHostRegistrationVerifier.exe [2017-03-19] (MicrosoftCorporation)
Task: {D2C50CE0-7E9B-4F0D-A2A4-95AC59829444} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2017-03-19] (MicrosoftCorporation)
Task: {D5EBF28C-A33D-4CBA-8355-0F457EE12498} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\WINDOWS\system32\compattelrunner.exe [2017-06-20] (MicrosoftCorporation)
Task: {DA890B55-CEE0-4F31-BC82-A4083421C6B3} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-09] (Acer)
Task: {DE280E27-41E3-43DD-8D0C-7D14FBD3A6ED} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings => C:\WINDOWS\system32\usoclient.exe [2017-03-19] (MicrosoftCorporation)
Task: {DFBE8EF7-8BEB-4524-BA29-6507B4CF2F2F} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [2015-05-14] ()
Task: {E11183CC-FCAC-479E-B422-6A72654C14EA} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\WINDOWS\System32\LocationNotificationWindows.exe [2017-03-19] (MicrosoftCorporation)
Task: {E11D8A00-538C-4359-99CA-ED9673F9B435} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-20] (Intel(R)Corporation)
Task: {E72E72DF-EFD6-4857-9D58-BD10365667B4} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\WINDOWS\system32\DFDWiz.exe [2017-03-20] (MicrosoftCorporation)
Task: {E7CE31AC-E513-4239-B705-C2D14616AB5C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO:<Companyname>)
Task: {EC11A6F7-343D-49E9-A974-A3716157F2C1} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\WINDOWS\system32\compattelrunner.exe [2017-06-20] (MicrosoftCorporation)
Task: {F29553E2-2525-4CB7-9A26-E8F997967571} - System32\Tasks\Microsoft\Windows\UNP\RunCampaignManager => C:\WINDOWS\System32\UNP\UNPCampaignManager.exe [2017-05-20] (MicrosoftCorporation)
Task: {F88E01C2-99E3-4AF6-BFAA-7ACC8EF521D4} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\WINDOWS\system32\dmclient.exe [2017-03-19] (MicrosoftCorporation)
Task: {F8B72ADB-8C8B-4346-AEF7-31D4BD4E4E2E} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-31] (AcerIncorporated)
Task: {F9015704-44A7-4962-B811-A4C0206CF851} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\WINDOWS\System32\sihclient.exe [2017-07-28] (MicrosoftCorporation)
Task: {FDAFE706-7321-43C2-B291-3F426AC14944} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-06-25] ()
Task: {FFF8211C-B9A4-453A-9053-9441092DE185} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2017-03-20] (MicrosoftCorporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-03-04 20:26 - 2016-03-04 20:26 - 005570728 _____ () C:\WINDOWS\system32\IntelSSTAPO\ParameterService\libxml2-2.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-08-03 18:19 - 2017-06-27 12:06 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-19 06:58 - 2017-03-19 06:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2010-01-10 05:17 - 2010-01-10 05:17 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 10:40 - 2010-01-21 10:40 - 008794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2017-07-17 10:24 - 2017-07-17 10:24 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-17 10:24 - 2017-07-17 10:24 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-17 10:24 - 2017-07-17 10:24 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-17 10:24 - 2017-07-17 10:24 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-14 10:27 - 2017-07-14 10:27 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-07-14 10:26 - 2017-07-14 10:26 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2016-06-25 11:54 - 2016-06-25 11:54 - 004644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-09-20 04:40 - 2016-05-17 04:02 - 000111320 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2017-06-09 07:28 - 2017-06-09 07:28 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-07-26 18:38 - 2017-07-26 18:39 - 010631168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-07-26 18:38 - 2017-07-26 18:39 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-08-04 18:16 - 2017-08-04 18:16 - 000019968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-08-04 18:16 - 2017-08-04 18:16 - 028986880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-08-04 18:16 - 2017-08-04 18:16 - 000428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-08-04 18:16 - 2017-08-04 18:16 - 020510208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-08-04 18:16 - 2017-08-04 18:16 - 002339328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-08-04 18:16 - 2017-08-04 18:16 - 003041792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-06-09 07:28 - 2017-06-09 07:28 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-21 18:15 - 2017-06-21 18:16 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-08-04 18:16 - 2017-08-04 18:16 - 001361920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-07-24 08:15 - 2017-07-24 08:15 - 001528296 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.9093\Battle.net Helper.exe
2017-03-19 06:59 - 2017-03-20 14:10 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-17 14:50 - 2016-05-17 14:50 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-09-20 04:06 - 2016-06-15 11:14 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-07-26 04:48 - 2017-07-26 04:48 - 068887880 _____ () C:\Program Files (x86)\Overwolf\0.105.329.0\libcef.DLL
2017-07-24 11:02 - 2017-06-01 17:00 - 001949064 _____ () C:\Users\monik\AppData\Local\Innkeeper\app-0.4.7\Electron\bin\InnkeeperUI-win32-ia32\ffmpeg.dll
2017-07-24 11:02 - 2017-06-01 17:00 - 002269064 _____ () C:\Users\monik\AppData\Local\Innkeeper\app-0.4.7\Electron\bin\InnkeeperUI-win32-ia32\libglesv2.dll
2017-07-24 11:02 - 2017-06-01 17:00 - 000086920 _____ () C:\Users\monik\AppData\Local\Innkeeper\app-0.4.7\Electron\bin\InnkeeperUI-win32-ia32\libegl.dll
2016-08-16 03:03 - 2016-08-16 03:03 - 000202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-16 03:05 - 2016-08-16 03:05 - 000654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-16 03:05 - 2016-08-16 03:05 - 000641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-16 03:04 - 2016-08-16 03:04 - 000119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2017-07-11 19:52 - 2017-07-11 19:52 - 000015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-31 00:09 - 2016-08-31 00:09 - 000013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-31 00:05 - 2016-08-31 00:05 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-09-09 19:51 - 2016-09-09 19:51 - 000202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-09-09 19:51 - 2016-09-09 19:51 - 000119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2017-07-24 08:15 - 2017-07-24 08:15 - 055782888 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.9093\libcef.dll
2017-07-24 08:15 - 2017-07-24 08:15 - 000540336 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.9093\ortp.dll
2017-07-24 08:15 - 2017-07-24 08:15 - 000133632 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.9093\libEGL.dll
2017-07-24 08:15 - 2017-07-24 08:15 - 003384832 _____ () C:\Program Files (x86)\Blizzard App\Battle.net.9093\libGLESv2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 17:24 - 2015-10-30 17:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1334476022-1534162846-687786227-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 61.9.195.193 - 61.9.194.49
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp"
HKU\S-1-5-21-1334476022-1534162846-687786227-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1334476022-1534162846-687786227-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A4305B9A-724D-4BF3-8194-14F51FABF650}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe
FirewallRules: [{98B26ED5-F57A-413D-B14A-1164A854991A}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe
FirewallRules: [{9316CE37-F364-4CDD-B847-079CE35159D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5FD2CAAE-0926-4253-9B9E-AC02C7C7223B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{76940C47-74E7-4F2F-A42F-7AA145EDADFA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A6EA4B78-322E-4C6F-B539-8F3C191C4F94}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FC3F5DA6-7E43-4AF6-809E-743C9DE165C3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C0A05C65-3714-4A84-B2A1-8769C0187F06}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1C8B22E0-9308-4BBC-A245-B81EBBB34853}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F2A76111-6FFA-4450-8D85-A4BFAB61ED54}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{92A0969D-E716-4388-A0FB-35DB401F5E70}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{069BDD74-E595-4462-9DFE-C148CF144848}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9E324C7C-DCE0-46C9-BD90-B9DB8C6FBFE6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9EE327C4-41C6-4FB3-A84A-5E3102B48B48}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{727370BA-B515-4874-94FD-8A44A4DB320A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6EC57632-F604-411D-82A5-7C2ED236236E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DBA4A8CF-926F-4B68-AE01-F2B3A92B70B8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9F6480F6-9FCA-4190-BD6B-C8B94BFFBC9A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{44CDCE5E-FE98-481B-BC97-3A6E90020427}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{14F33587-3879-4DEC-837C-4C58B4141A21}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B8B7DC47-F662-4B6E-B01F-EB1BDDC48E5D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2BB76190-D6A1-44FA-AA67-1E6E341556D0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BCA4D279-7E78-4134-8F09-D5AB1056A1F3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{07EC0B80-E513-4E4B-91D0-74F0978FD31B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{52FD2E09-298C-4F2A-9721-29DBD874248F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3B7CAC24-B1BE-4420-A617-F3D91D1E5D92}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5C99671B-BC15-41B3-BD13-7176D056A7C6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9F6EA0C4-A779-4390-8EEB-444E9EB0B158}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5BDED070-7335-4517-92C2-1681C8190B28}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DC69BB4B-90A1-46AE-AA04-AE2BBA3CBF53}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A2E0ECAF-B1B3-4681-A5A6-C7002099B238}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{62973569-AE92-46C5-B7E7-B3636B49BFBD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{57E16B54-635F-42EA-9AA0-7314F69376AF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8DE60F6A-7AD5-418F-92BE-75A6B2B6D1EF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FE702C55-C8C3-4088-A689-ECBA731D290E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EBFA26DF-CC2F-4C7E-B040-86BCDA2B771A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E7132B6F-E142-401E-97A9-710772050C55}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2E091F4C-FB4A-4E2F-B752-CD067FF05018}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CD9A6FA0-BD5F-4C88-A8C3-490DBD7F521E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E80A4146-C1ED-4F5B-A50B-9BC841195326}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D46E535B-6BC4-4A58-8609-13DB1EA35398}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CDD692E7-5D37-4443-A666-D69896818800}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3F2E1A11-6CDA-441D-9BA2-27EBAB4322C2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C8662FE3-1F9B-498D-BD2C-6CE87959CA45}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D23A434F-0CE9-43DF-A09A-B95B54FEC184}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9A7C896E-01F7-45E7-8418-5D2777A0FE66}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{43573CEB-0166-4199-856A-7D86A3B50740}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BFE9C356-E8C5-402E-8458-F318D8FE1396}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C88E6887-2C0B-4422-8B28-D9A1A5F8578D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0D8807CE-DA0D-4641-B597-BE37609C4165}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BAB53730-137B-4D51-B107-71BA2A3EBF47}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{32A8F7C6-4C7C-47B9-825A-7F77021407F4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{34863F21-2E5A-4F16-88DD-A8F847F2E8F8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C0F829C6-8514-422D-8E1F-AE500CBFADE7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BDE5973F-1B51-46C0-B9D2-31D0259D708D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0E9CC141-4941-4621-80F2-6BAEDA51AD3D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6181A5AF-5E46-40D1-9719-5B885949E80C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{399E1EEF-8A73-4FB2-A6F3-B6B9977538ED}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BB64A1EC-6433-4157-B03F-4BE7347464A3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{290E406A-6DC2-4151-A699-C9D83EA9C676}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4AFC5605-28FC-4380-8A10-B572F5E01140}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{24F3D1BC-8A59-4045-8007-79D3F212ED3B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{09DE9D50-BD6C-43F8-AB19-11F4BC23F2B3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{073194ED-AA68-4E53-9A69-5A147E5F21DA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8462AD97-5C63-477C-B9F0-2E02ED0B54D3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F8071AA1-39AE-4971-A2D4-6E9E76A815EE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{43317577-55A9-46CF-AC11-340F25841BA6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F007827C-A939-479D-887D-50ED97EBB15F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FB35D70B-E936-4804-894F-1F455ED95D37}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DF719A26-4EE0-4C9E-914C-1EF07E51B1FF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8233417E-EDAB-407F-9A0B-76AFFDAD7530}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7A16AB6A-762A-4485-8678-078AEB0E3516}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B445456E-DABD-4B3D-82E1-008056E1FEA7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1DD9638C-0999-4224-8BF4-8C18094DC571}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DC64636D-D08A-4BF6-BCBE-0962DD2ECECA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BA4A1885-27C3-4DB1-A72E-2B5FFC52A35B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{344647F6-B2A1-4622-943A-4FBA6B823693}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CFBBCA17-A676-46DB-8A7C-AD8BFC56C8CF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F25C0C14-DC60-4C89-8748-D0D6D66271FE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FB2DEFC7-2FAF-4309-B219-0038D0EA0BA6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{537C5C7F-2F27-43C8-B2B2-D015D53B1E57}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AFAFD5CC-C512-41BB-83D7-DA6DFAC7A63B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9F0703D9-E4C2-4646-891E-45712E6D6CEC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A1FB932F-2EC2-4453-843E-8481BD1A54DB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CE2971CA-2701-4220-A81B-E1255D7A5EFC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{009F4AD7-66C0-484A-80F8-39B2034B364A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E2B0E84B-A095-402F-83C1-25F90B84DAF6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5568E527-5B29-41E0-8706-C6476355C81D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{60A94A2F-F4D2-4660-988A-D96303C175FC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7732FAF0-DF3D-4B32-B9E3-79870084F848}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DC5A5516-1E44-4FE2-82A0-830BE30BD404}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{96E7F8E1-DF2F-44AF-9507-A045EA6B5967}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{69C072C6-6B7D-44F7-8D00-094ADCFD401F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{842089D8-2364-4204-95AA-450535199C4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{54D663B6-0A79-4823-B4E7-EF63756BD6F1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C10BD4B8-9537-4DB2-9FE7-6C2286CDE5B9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{32FD6287-0AC4-4AA9-B090-451B826D72B6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{7943B869-097E-49D3-8F74-80665887C2B7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{E8D0EB4C-2B68-4C5A-8F38-FB16B5195CFC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{797FE98F-0C03-489B-921D-72148E678F89}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{26392612-9DD0-40C1-8F76-A1CAD12050CE}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{234A63A5-A72D-4428-95A4-C5DD8A3DB92A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [TCP Query User{9C78EB2E-43C0-4BEA-9492-DDE950FAFADA}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{E5C92884-EDA9-44E6-AF92-86CA1222D6F2}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{60684F84-A827-4209-91CF-3304D22221A6}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Restore Points =========================

20-07-2017 16:48:43 Windows Update
29-07-2017 21:32:55 Scheduled Checkpoint
03-08-2017 20:45:45 Removed BikaQ Rss

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/07/2017 05:45:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: utorrent.exe, verzia: 2.2.1.25534, časová značka: 0x4e4594ce
Názov chybujúceho modulu: GDI32.dll, verzia: 10.0.15063.483, časová značka: 0x88a53c1d
Kód výnimky: 0xc000041d
Odstup chyby: 0x00005836
Identifikácia chybujúceho procesu: 0xcc4
Čas spustenia chybujúcej aplikácie: 0x01d30f510ba52d0c
Cesta chybujúcej aplikácie: C:\Program Files (x86)\uTorrent\utorrent.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\GDI32.dll
Identifikácia hlásenia: e6358e5e-5701-4843-b70d-8fa22b822203
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (08/07/2017 05:17:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: utorrent.exe, verzia: 2.2.1.25534, časová značka: 0x4e4594ce
Názov chybujúceho modulu: GDI32.dll, verzia: 10.0.15063.483, časová značka: 0x88a53c1d
Kód výnimky: 0xc000041d
Odstup chyby: 0x00005836
Identifikácia chybujúceho procesu: 0x2f24
Čas spustenia chybujúcej aplikácie: 0x01d30f4b5926bc16
Cesta chybujúcej aplikácie: C:\Program Files (x86)\uTorrent\utorrent.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\GDI32.dll
Identifikácia hlásenia: 4151aa74-3d29-479b-9426-e6bd36becfd9
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (08/07/2017 08:37:37 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (08/06/2017 11:52:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-0GGQHKDI)
Description: Aktivácia aplikácie Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (08/06/2017 10:36:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (08/06/2017 10:31:07 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (08/06/2017 10:31:07 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (08/06/2017 10:31:07 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/06/2017 10:31:07 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (08/06/2017 10:31:07 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.


System errors:
=============
Error: (08/06/2017 11:52:25 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-0GGQHKDI)
Description: The server Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX6jbm6fjqte5wzzrf5807m7eq0z44q5gf.mca did not register with DCOM within the required timeout.

Error: (08/06/2017 10:30:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby CldFlt zlyhalo kvôli nasledujúcej chybe: 
The request is not supported.

Error: (08/06/2017 10:30:12 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 13:48:02 on ‎6. ‎8. ‎2017 was unexpected.

Error: (08/06/2017 10:30:01 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256841065424

Error: (08/06/2017 08:28:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby CldFlt zlyhalo kvôli nasledujúcej chybe: 
The request is not supported.

Error: (08/06/2017 08:27:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Security Assist sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (08/06/2017 08:27:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Modules Installer sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (08/06/2017 08:27:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SAMSUNG Mobile Connectivity Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (08/06/2017 08:27:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (08/06/2017 08:27:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Quick Access Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


CodeIntegrity:
===================================
  Date: 2017-08-07 17:09:28.753
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.105.329.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-07 17:09:28.745
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.105.329.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-07 17:09:28.731
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.105.329.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-07 17:09:28.718
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.105.329.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-07 17:09:28.705
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.105.329.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-07 17:09:28.698
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.105.329.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-07 17:09:23.624
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.105.329.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-07 17:09:23.606
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.105.329.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-07 17:09:23.589
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.105.329.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-08-07 17:09:23.565
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.105.329.0\x64\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 35%
Total physical RAM: 8060.13 MB
Available physical RAM: 5184.1 MB
Total Virtual: 9340.13 MB
Available Virtual: 5397.45 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:237.36 GB) (Free:152.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 638CA678)

Partition: GPT.

==================== End of Addition.txt ============================