Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by khorn (12-01-2018 18:33:49)
Running from C:\Users\khorn\Desktop
Windows 10 Home Version 1709 16299.192 (X64) (2017-10-31 15:58:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1118115312-3801252556-2245077984-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1118115312-3801252556-2245077984-503 - Limited - Disabled)
Guest (S-1-5-21-1118115312-3801252556-2245077984-501 - Limited - Disabled)
khorn (S-1-5-21-1118115312-3801252556-2245077984-1001 - Administrator - Enabled) => C:\Users\khorn
WDAGUtilityAccount (S-1-5-21-1118115312-3801252556-2245077984-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2058, 27.12.2017 - AIMP DevTeam)
Aktualizace NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
CPUID CPU-Z 1.81.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.81.1 - )
CrystalDiskInfo 7.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
Curse Client (HKU\S-1-5-21-1118115312-3801252556-2245077984-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Discord (HKU\S-1-5-21-1118115312-3801252556-2245077984-1001\...\Discord) (Version: 0.0.299 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{412595B6-5162-4792-8DEE-2766FBC6C1EC}) (Version: 12.7.2.60 - Apple Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.3 - PandoraTV)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Word 2013 (HKLM\...\Office15.WORD) (Version: 15.0.4420.1017 - Microsoft Corporation)
Mozilla Firefox 57.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 57.0.4 (x64 cs)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.23 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.10 - MSI)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.31 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.31 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.1 - OBS Project)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Ovládací panel NVIDIA 388.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.31 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.18.526.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Sidify Music Converter Free 1.0.4 (HKLM-x32\...\Sidify Music Converter Free) (Version: 1.0.4 - Sidify)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Spotify (HKU\S-1-5-21-1118115312-3801252556-2245077984-1001\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
SSDFresh 2018 (HKLM-x32\...\{71149886-0AA3-4F31-81F9-CC90EA0D55EF}_is1) (Version: 7 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
Twitch (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-1118115312-3801252556-2245077984-1001\...\Wargaming.net Game Center) (Version: 17.10.0.7079 - Wargaming.net)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World_of_Warplanes_EU (HKU\S-1-5-21-1118115312-3801252556-2245077984-1001\...\WOWP.EU.PRODUCTION) (Version:  - Wargaming.net)
XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.5.1 - GIGABYTE Technology Co.,Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1118115312-3801252556-2245077984-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-22F12FC0E0AF}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1118115312-3801252556-2245077984-1001_Classes\CLSID\{9ef720d3-e468-4b89-b5cb-340fdc982c90}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-01-03] (AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-01-03] (AIMP DevTeam)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04AB2506-5F54-4835-B698-6E2E2BD61CD0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-31] (Google Inc.)
Task: {0CB7F8B1-8C37-4D51-B2FA-F182F0D3DF76} - System32\Tasks\WinService => C:\Users\khorn\.win\que.vbs
Task: {1A06B3CE-CEA5-4A2E-8204-5743E10AF16F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-21] (AVAST Software)
Task: {1A19348A-C723-4D24-8BE0-BC52AE22CF06} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-16] (NVIDIA Corporation)
Task: {1F7CA77E-9BAF-4084-9FC4-1383731D8C2A} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {35D80147-FA2B-4919-9AAE-C1EA0A907DDA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-16] (NVIDIA Corporation)
Task: {4CF499B8-0058-4A13-BEAA-B0BC28185154} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {580FB8FA-C4F0-4B9F-B00B-2CFC65B020EC} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SM1LEY-khorn sm1ley => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {6527D680-F7DC-4D78-AD8E-FC55FE60FE16} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-16] (NVIDIA Corporation)
Task: {6CC4B3C9-E4C8-4E94-85EF-9BAD060FD783} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-16] (NVIDIA Corporation)
Task: {6E94E265-870E-496A-BC1F-90C88536419B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-31] (Google Inc.)
Task: {7C8D9CBB-36EA-48BA-A4E2-6ABA82E45D79} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {92CFD833-C0AD-49B6-ABA5-1BCBBD737225} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {9B2BB06D-2885-450E-B2BB-4A64A9BD9DCD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {9D753AC7-00FC-4B4C-B4AE-75F03023309E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-07] (AVAST Software)
Task: {9EBD1E69-2B6B-4086-A9DB-1A4294C486D7} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-16] (NVIDIA Corporation)
Task: {A6590658-6EC5-44DF-9F1E-F80104327FED} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {ACD05128-0D77-4489-A1B0-8134083B7649} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-09-21] (Intel(R) Corporation)
Task: {B1F271BA-C91A-4521-9886-AB954DF965AF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-13] (Piriform Ltd)
Task: {B39E5A21-226E-4EEF-A94B-F98D3530F2D5} - System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE => C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe [2017-04-12] (GIGABYTE Technology Co.,Ltd.)
Task: {C32E8298-D6BC-4F93-8885-2100A53F7B9F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-13] (Piriform Ltd)
Task: {CA5F6316-7BD3-43D1-B063-3C168BF1941F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-khorneus7@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {D216F474-573B-46C2-A364-6984AAF631E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {D6D8CC0B-0E9A-4222-9F41-A1700B892AB2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-16] (NVIDIA Corporation)
Task: {D914AF3E-83CE-4EC5-8100-A050A87625D6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-16] (NVIDIA Corporation)
Task: {E1D2464D-910F-4A85-AA9C-2C4F6605594E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\khorn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\TwitchAlerts Stream Labels.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kgmggmdngboajiakmbpdknfpdelbjbcg

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 12:15 - 2016-10-05 12:15 - 000107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-05 12:15 - 2016-10-05 12:15 - 000412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2017-11-01 16:45 - 2017-11-16 02:41 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-01-12 17:02 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-09-26 02:52 - 2017-09-26 02:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-12-13 12:01 - 2017-11-26 13:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-13 12:01 - 2017-11-26 13:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-09 11:37 - 2018-01-03 10:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-09 11:37 - 2018-01-03 10:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
2016-10-04 17:09 - 2016-10-04 17:09 - 000253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll
2018-01-11 19:41 - 2018-01-11 19:41 - 002420200 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9747\Battle.net Helper.exe
2017-10-31 15:43 - 2017-11-16 02:41 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-10-31 15:43 - 2017-11-16 02:40 - 066906560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-12-21 23:04 - 2017-12-21 23:04 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-12-21 23:04 - 2017-12-21 23:04 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-12-21 23:04 - 2017-12-21 23:04 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2017-10-31 15:44 - 2017-10-31 15:44 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-12-21 23:04 - 2017-12-21 23:04 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-12-21 23:04 - 2017-12-21 23:04 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-31 19:04 - 2016-08-18 20:26 - 000225792 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\GvFireware.dll
2017-10-31 19:04 - 2014-05-01 02:49 - 000025088 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\BSL430.dll
2017-12-14 15:44 - 2017-11-29 06:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-10-31 15:43 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-12-17 12:22 - 2017-12-15 20:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
2017-10-31 15:43 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-10-31 15:43 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-12-14 15:44 - 2017-11-04 02:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-14 15:44 - 2017-11-04 02:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-14 15:44 - 2017-11-04 02:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-14 15:44 - 2017-11-04 02:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-14 15:44 - 2017-11-04 02:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-17 12:22 - 2017-12-15 20:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-10-31 15:43 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-10-31 15:44 - 2017-09-07 03:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-12-14 15:44 - 2017-10-31 05:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-10-31 15:43 - 2015-09-25 00:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2018-01-09 22:45 - 2018-01-09 22:45 - 068505088 _____ () C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll
2017-09-25 13:28 - 2017-09-25 13:28 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-01-11 19:41 - 2018-01-11 19:41 - 000540336 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9747\ortp.dll
2018-01-11 19:41 - 2018-01-11 19:41 - 067967976 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9747\libcef.dll
2018-01-11 19:41 - 2018-01-11 19:41 - 000133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9747\libEGL.dll
2018-01-11 19:41 - 2018-01-11 19:41 - 003384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.9747\libGLESv2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1118115312-3801252556-2245077984-1001\...\kmpmedia.net -> hxxp://player.kmpmedia.net

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-12-27 18:22 - 2018-01-12 16:07 - 000000056 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
127.0.0.1 player.kmpmedia.net

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1118115312-3801252556-2245077984-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-1118115312-3801252556-2245077984-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-1118115312-3801252556-2245077984-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1118115312-3801252556-2245077984-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{86529061-5F5B-49A4-B119-211514752482}D:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{121ACB33-BEB0-40BB-9F7A-B7CE870CA90F}D:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\games\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{AE55D5DC-BE8A-43C6-BF58-ADAD4F90B60C}] => (Allow) D:\Games\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{1DFBC2E4-C2B4-48E5-8BC4-4701D00FA47E}] => (Allow) D:\Games\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{1C20D1D4-49EE-478B-A3A3-7859A30772AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{287BCEA1-0BFF-42AC-8755-0BC337349305}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C97E513F-7C52-4C18-B967-6B9B740F1680}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C272D8C2-F281-4AB0-9F1C-18F00A649130}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{56ED7A6D-46C8-4306-93A9-80CCB734A353}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8610086D-B6ED-42CE-800C-8643A1BE2EB0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{02CEAE73-B07C-468C-8378-8DBCB6207CF2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B45CD50B-1965-4805-AE92-4923BBF55586}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{546D2C7C-B314-4C52-80CF-ADC9ED802A74}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B83E1896-B8FF-4281-998B-23F7FF36D0C8}] => (Allow) D:\Games\steamapps\common\Rust\Rust.exe
FirewallRules: [{0271D188-82B2-4C0E-84F0-8BD4DA2EB524}] => (Allow) D:\Games\steamapps\common\Rust\Rust.exe
FirewallRules: [{1A0AF65D-5630-4BD8-B9F5-36DA29D24865}] => (Allow) D:\Games\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{CB077080-D2D0-4892-992F-9B633471E2D3}] => (Allow) D:\Games\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{D418E96E-9986-40FB-897D-A6529B4F4638}] => (Allow) D:\Games\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{99B183B5-2571-488C-8A69-440DD7338F85}] => (Allow) D:\Games\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{C1D6BFA3-3BC4-415D-8D07-70830F3EB80D}C:\users\khorn\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\khorn\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{E2E67945-A2A6-46E1-898B-E5C044CF693E}C:\users\khorn\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\khorn\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{BA1573BF-7462-4EBA-B6F2-F7F37D174388}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E755B604-89BE-4DB7-A255-A3BE02DA1085}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{80929874-B1CA-430E-88A8-91E30146F263}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6CE8A916-FBB4-4919-B278-AE269A9C0B6F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BA5162C8-F7D3-46A9-B778-13778185FF9D}] => (Allow) D:\Games\steamapps\common\Business Tour\BusinessTour.exe
FirewallRules: [{7272FEE9-C4B5-4548-A9D7-49704718F362}] => (Allow) D:\Games\steamapps\common\Business Tour\BusinessTour.exe
FirewallRules: [{6B51C02E-10B6-406F-9636-FE2043DA2564}] => (Allow) D:\Games\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{58BE6FAB-1D9E-4FCF-8562-A026DFA9F6FA}] => (Allow) D:\Games\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{D4E12EEA-0E70-4A5E-98A6-FB1D60B2D5CE}] => (Allow) D:\Games\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{D17A5911-AB86-480C-9F09-BA8C17214C10}] => (Allow) D:\Games\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{45F722AA-0FD0-40D8-9279-438A81C0CEC4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{16ACBD94-D4E4-4C0E-96EA-119482BE9A2D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{397D3C24-DEFC-47B2-8CDC-5A4255347B07}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [UDP Query User{89AEF24D-569D-465E-9E3B-53287635AFEA}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe
FirewallRules: [{671D81F1-CA62-4F67-ADB3-2894D92EA487}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{7155FC35-0D66-4587-8B88-2ED130A49B6F}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{6438BE00-529A-4071-BA73-0A6227CFD800}C:\users\khorn\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\khorn\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{99533F12-03A9-4D3F-8E64-BA567223566C}C:\users\khorn\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\khorn\appdata\roaming\spotify\spotify.exe
FirewallRules: [{98619D0A-F850-479F-AB64-FD7CB61263FB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{5178A7E2-72DC-4272-ADF5-90378FE932A7}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D0C9E73F-5796-4EA6-B246-09CDC6982F99}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{ED8145B4-4144-4E19-BF4B-BF6CB0C1F989}] => (Allow) D:\Games\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{B5D68501-CB60-4EAA-A7E6-7798D6023C1E}] => (Allow) D:\Games\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{CE35BA2B-C562-4F1E-A350-B980C843B30E}] => (Allow) D:\Games\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{386AC226-7776-45A9-99FF-DACDBCE386A0}] => (Allow) D:\Games\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{6C4FBD09-2A09-478E-91C2-62234B5BA20A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Restore Points =========================

05-01-2018 00:54:54 Instalováno Realtek High Definition Audio Driver
09-01-2018 22:44:44 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
09-01-2018 22:44:52 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/12/2018 05:24:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LiveUpdate_Service.exe, verze: 1.0.0.52, časové razítko: 0x59f9a5e7
Název chybujícího modulu: NDA.dll_unloaded, verze: 1.0.0.15, časové razítko: 0x581aa4cc
Kód výjimky: 0xc0000005
Posun chyby: 0x000f650e
ID chybujícího procesu: 0x7a4
Čas spuštění chybující aplikace: 0x01d38bc1c4e566fe
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
Cesta k chybujícímu modulu: NDA.dll
ID zprávy: f187ec7e-f9fe-4942-8c40-d21376dc7c6f
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2018 05:01:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LiveUpdate_Service.exe, verze: 1.0.0.52, časové razítko: 0x59f9a5e7
Název chybujícího modulu: NDA.dll_unloaded, verze: 1.0.0.15, časové razítko: 0x581aa4cc
Kód výjimky: 0xc0000005
Posun chyby: 0x000f650e
ID chybujícího procesu: 0x928
Čas spuštění chybující aplikace: 0x01d38bbea0d8758b
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
Cesta k chybujícímu modulu: NDA.dll
ID zprávy: d15d3f01-8ec2-4e03-a619-6829c40143ef
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2018 05:01:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname sm1ley.local already in use; will try sm1ley-2.local instead

Error: (01/12/2018 05:01:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister   16 sm1ley.local. AAAA FE80:0000:0000:0000:5515:C87E:6EB3:45C0

Error: (01/12/2018 05:01:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:5515:C87E:6EB3:45C0:5353    4 sm1ley.local. Addr 192.168.1.149

Error: (01/12/2018 01:27:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.16299.15, časové razítko: 0xbf7b6630
Kód výjimky: 0xc000041d
Posun chyby: 0x00005b36
ID chybujícího procesu: 0x2014
Čas spuštění chybující aplikace: 0x01d38b326affa77e
Cesta k chybující aplikaci: C:\Users\khorn\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 85115a69-48e6-4085-97d6-90f565a2c887
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2018 12:11:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.16299.15, časové razítko: 0xbf7b6630
Kód výjimky: 0xc000041d
Posun chyby: 0x00005b36
ID chybujícího procesu: 0x2a7c
Čas spuštění chybující aplikace: 0x01d38b2edef45338
Cesta k chybující aplikaci: C:\Users\khorn\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: a7bd249e-c6a2-42be-bc7f-84ea89a916f2
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/11/2018 08:49:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu WmiApRpl v knihovně DLL C:\WINDOWS\system32\wbem\wmiaprpl.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/11/2018 08:49:23 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/11/2018 08:49:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu MSDTC v knihovně DLL C:\WINDOWS\system32\msdtcuiu.DLL se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (01/12/2018 05:25:41 PM) (Source: DCOM) (EventID: 10016) (User: SM1LEY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli SM1LEY\khorn (SID: S-1-5-21-1118115312-3801252556-2245077984-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/12/2018 05:24:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/12/2018 05:24:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/12/2018 05:24:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/12/2018 05:24:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/12/2018 05:24:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Live Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/12/2018 05:23:38 PM) (Source: DCOM) (EventID: 10010) (User: SM1LEY)
Description: Server Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy!App se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/12/2018 05:23:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/12/2018 05:23:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/12/2018 05:23:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Online Connect byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


CodeIntegrity:
===================================
  Date: 2018-01-12 18:27:37.504
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-12 18:27:37.503
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-12 18:24:21.457
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-12 18:24:21.456
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-12 18:21:26.750
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-12 18:21:26.747
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-12 18:12:02.920
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-12 18:12:02.917
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-12 18:06:23.985
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-12 18:06:23.984
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 28%
Total physical RAM: 16347.08 MB
Available physical RAM: 11654.48 MB
Total Virtual: 18779.08 MB
Available Virtual: 13200.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.56 GB) (Free:137.9 GB) NTFS
Drive d: (HDD) (Fixed) (Total:931.51 GB) (Free:723.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 3F1A1D5F)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=852 MB) - (Type=27)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================