Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018
Ran by Toshiba (25-01-2018 21:29:36)
Running from C:\Users\Toshiba\Desktop
Windows 10 Pro Version 1709 16299.192 (X64) (2017-12-25 05:18:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4262173415-836903344-3083506412-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4262173415-836903344-3083506412-503 - Limited - Disabled)
Guest (S-1-5-21-4262173415-836903344-3083506412-501 - Limited - Disabled)
Toshiba (S-1-5-21-4262173415-836903344-3083506412-1001 - Administrator - Enabled) => C:\Users\Toshiba
WDAGUtilityAccount (S-1-5-21-4262173415-836903344-3083506412-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4262173415-836903344-3083506412-1001\...\uTorrent) (Version: 3.5.1.44321 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Aktualizácie NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-4262173415-836903344-3083506412-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.65 - NVIDIA Corporation) Hidden
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 11.0.159.0 - ESET, spol. s r.o.)
Exodus (HKU\S-1-5-21-4262173415-836903344-3083506412-1001\...\exodus) (Version: 1.42.0 - Exodus Movement Inc)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.4.0 - Ubisoft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.0.29935 - Foxit Software Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM\...\{E093BF8F-9D6D-342E-ADAC-7BD6F40C3BDE}) (Version: 63.0.3239.132 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4262173415-836903344-3083506412-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e9d78d68-c26c-4da7-9158-99355d8ef3ad}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{58b3beca-b999-4f6f-a48c-81681136a620}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\TkFSVVRPU0hJUFBVREVOVWx0aW1hdGVOaW5qYVNUT1JNM0Z1~D4302771_is1) (Version: 1 - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.0.1.1 - Duodian Technology Co. Ltd.)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Grafický ovládač 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.65 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.65 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.65 - NVIDIA Corporation) Hidden
Plague Inc Evolved (HKLM-x32\...\Plague Inc Evolved_is1) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.0 - Power Software Ltd)
Secret World Legends (HKLM-x32\...\Secret World Legends_is1) (Version: 1.0.0 - Funcom)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 13.0.0.13 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.7 - TeamSpeak Systems GmbH)
TNod User & Password Finder (HKLM\...\TNod) (Version: 1.6.3.1 - Tukero[X]Team)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
War Thunder Launcher 1.0.3.58 (HKU\S-1-5-21-4262173415-836903344-3083506412-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Waterfox 56.0.3 (x64 en-US) (HKLM\...\Waterfox 56.0.3 (x64 en-US)) (Version: 56.0.3 - Waterfox Ltd)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WinRAR 5.50 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
XnView 2.43 (HKLM-x32\...\XnView_is1) (Version: 2.43 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4262173415-836903344-3083506412-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4262173415-836903344-3083506412-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4262173415-836903344-3083506412-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4262173415-836903344-3083506412-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4262173415-836903344-3083506412-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4262173415-836903344-3083506412-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-04] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-10-24] (Power Software Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05EFFE19-7C30-4268-9710-DCB58BF023F6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-12-16] (NVIDIA Corporation)
Task: {0D193FF8-D18C-40F1-9DD8-EFCEFB018301} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated)
Task: {1DF9A6D3-F94C-4647-8D53-6379B57E7CD4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-12-16] (NVIDIA Corporation)
Task: {26F31151-3554-414B-A048-211207FD0CB5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-12-16] (NVIDIA Corporation)
Task: {4A186469-2E78-49ED-9D15-3C5E7CCD2E13} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-01] (Piriform Ltd)
Task: {51BB16F4-3C0D-4D35-8969-BFAC5710C19F} - System32\Tasks\Driver Booster SkipUAC (Toshiba) => C:\Program Files (x86)\IObit\Driver Booster\Driver Booster\4.2.0\DriverBooster.exe
Task: {607280ED-9DE4-46AD-B596-AE88A4AA89BB} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-ORBMDGB-Toshiba DESKTOP-ORBMDGB => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {639749FA-7F5A-4F46-A8A9-757DBA17E8DB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-12-16] (NVIDIA Corporation)
Task: {69091B3F-0EA9-4F40-A42C-76BC0C1808BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-03] (Google Inc.)
Task: {7DC2744B-3404-447A-8DF1-FE50338ECE21} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-12-16] (NVIDIA Corporation)
Task: {834A9067-D108-43EB-9B8D-26DE3CB63161} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {966C34C2-F725-4D4D-B2D8-96BE6E10DE0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-03] (Google Inc.)
Task: {C411919D-F72E-474F-AD7D-47DEFC8445A4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {D85E87A4-81D1-4E11-8978-14150F8184FF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-12-16] (NVIDIA Corporation)
Task: {ED5FF47E-B8DA-4639-815D-C67C0A049454} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-01] (Piriform Ltd)
Task: {EE581C1E-CA9B-4154-ABA9-8C9A32DF0D8C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-12-16] (NVIDIA Corporation)
Task: {F7994473-E704-4F10-BD89-8866E5F842A3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {FE08254F-CC98-4B45-ADEF-7E579378B261} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-12-16] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-01-13 10:20 - 2018-01-04 02:44 - 000544056 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2017-12-30 14:44 - 2017-12-16 01:23 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-12-26 01:43 - 2017-11-26 13:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-26 01:42 - 2017-11-26 13:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-30 14:44 - 2017-12-16 01:23 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4262173415-836903344-3083506412-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Toshiba\AppData\Roaming\Waterfox\Desktop Background.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: FoxitReaderService => 2
HKLM\...\StartupApproved\Run: => "TNOD UP"
HKLM\...\StartupApproved\Run32: => "TNOD UP"
HKU\S-1-5-21-4262173415-836903344-3083506412-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4262173415-836903344-3083506412-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-4262173415-836903344-3083506412-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4262173415-836903344-3083506412-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4262173415-836903344-3083506412-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4262173415-836903344-3083506412-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-4262173415-836903344-3083506412-1001\...\StartupApproved\Run: => "MinerGateGui"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9B39C0F8-A92D-4A1E-BC08-E7275CED18C3}] => (Allow) E:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{C2B0A724-F90E-4EFB-86D6-6D8664174E4E}] => (Allow) E:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{9560D83A-EA43-40F5-B31B-E18008810A6C}] => (Allow) E:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{174B3016-AD17-4D1E-BABC-59D096E236EB}] => (Allow) E:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{B1094B9E-3FAA-4C53-9A0A-EAB6C2450E01}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{32968234-0246-4437-A584-593D005632D9}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe
FirewallRules: [{F02A221A-B634-4353-AF96-53ABB50246F2}] => (Allow) LPort=8090
FirewallRules: [{63C6800E-093B-4909-9B10-7085322DD0FF}] => (Allow) LPort=20443
FirewallRules: [{4D090708-31A6-4639-B741-10A08A5A4745}] => (Allow) LPort=33333
FirewallRules: [{4B31BA8A-4E69-47BF-9668-49775FC13B43}] => (Allow) LPort=6881
FirewallRules: [{FEFE67AE-25BF-48A9-B412-822C39C11B77}] => (Allow) LPort=27022
FirewallRules: [{7CB046C3-C3ED-4E30-9908-EE76418A4D1E}] => (Allow) LPort=7853
FirewallRules: [{89D56E59-DA54-4428-BB74-94B129D8B1F8}] => (Allow) LPort=7852
FirewallRules: [{D36E007C-CBBB-4447-B613-E3880383AC67}] => (Allow) LPort=7850
FirewallRules: [{34C401BC-778C-43BC-8DFF-C44C4633D1AF}] => (Allow) LPort=3478
FirewallRules: [{A777ADAE-6680-4841-813C-B49E67FED806}] => (Allow) LPort=20010
FirewallRules: [{77B0B0C1-9652-4957-8EA4-BAF97ABAE26E}] => (Allow) LPort=443
FirewallRules: [{A7EFF20A-495C-4E54-9692-EF96850A1DB0}] => (Allow) LPort=80
FirewallRules: [{11C50722-3BEE-4470-AAE9-1499FB94CF66}] => (Allow) E:\Games\WarThunder\gaijin_downloader.exe
FirewallRules: [{E6A89171-03CA-4179-B815-8D45E1D7E351}] => (Allow) E:\Games\WarThunder\gaijin_downloader.exe
FirewallRules: [{95D275E7-80D5-4BA4-81E0-9B6A8EB9ED57}] => (Allow) E:\Games\WarThunder\bpreport.exe
FirewallRules: [{DFA2A3D2-2CAD-4368-B353-C479AFAFA752}] => (Allow) E:\Games\WarThunder\bpreport.exe
FirewallRules: [{8C81A22E-5DC9-44B8-BD07-7DCCE24BEE00}] => (Allow) E:\Games\WarThunder\launcher.exe
FirewallRules: [{0F2A9A2C-4773-47BC-8D8C-D1E6260DECEF}] => (Allow) E:\Games\WarThunder\launcher.exe
FirewallRules: [{3CED98C0-6F6D-4513-8A94-40E0094DEB4B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8F0839B6-7C49-4BC7-A46B-E6462139F17E}] => (Allow) C:\Users\Toshiba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E4D67D37-D992-4131-A071-A6B3E87F06C9}] => (Allow) C:\Users\Toshiba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{783F7D8F-D2D6-4B6D-984C-9EDA4031D2D5}] => (Allow) C:\Users\Toshiba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B2A05201-E256-4CB3-ABCD-A532F7430AB8}] => (Allow) C:\Users\Toshiba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{032F644D-326D-403E-B633-376895ED84DE}] => (Allow) C:\Users\Toshiba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{286DACBF-79E8-487B-A638-6E2DDEA22B13}] => (Allow) C:\Users\Toshiba\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9C859BC7-DABC-4D54-A707-6B569F9170B2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AEB308B2-E227-4489-9EE5-45B8AD5199D3}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{6F1B6A85-08C2-405B-B90B-15CCEA9F4E32}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{CA31FFE4-DD43-43FC-B1E8-285E6DC68E65}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{42EEF5F8-6D66-48BA-8407-F409B466A2A7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2AFEA1F7-B716-440E-A74C-0C42809A2C44}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E6C46017-F206-4351-8625-79FBAA0924D1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1DB5419D-3774-4ADC-8D58-DE6A72006DE1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8D40E44F-480E-46C6-9569-E9B5205216DB}] => (Allow) C:\Program Files (x86)\Funcom\Secret World Legends\ClientPatcher.exe
FirewallRules: [{276D6D8E-0A24-4F90-8CF3-EE5262B8A43D}] => (Allow) C:\Program Files (x86)\Funcom\Secret World Legends\ClientPatcher.exe

==================== Restore Points =========================

10-01-2018 19:34:40 Windows Update
22-01-2018 00:09:27 Installed ESET Security

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2018 09:26:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wmplayer.exe version 12.0.16299.15 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 22a0

Start Time: 01d3961a8ca973e3

Termination Time: 0

Application Path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Report Id: 22f66894-9ac6-4aaa-ae56-24cfacceda35

Faulting package full name: 

Faulting package-relative application ID:

Error: (01/25/2018 09:18:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wmplayer.exe version 12.0.16299.15 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2110

Start Time: 01d396191cd765f9

Termination Time: 9

Application Path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Report Id: 35bafa70-1adb-4381-a802-3332cea46e5a

Faulting package full name: 

Faulting package-relative application ID:

Error: (01/25/2018 09:01:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: waterfox.exe, verzia: 56.0.3.6585, časová značka: 0x5a57ffb6
Názov chybujúceho modulu: xul.dll, verzia: 56.0.3.6585, časová značka: 0x5a580060
Kód výnimky: 0x80000003
Odstup chyby: 0x000000000050f20d
Identifikácia chybujúceho procesu: 0x4e8
Čas spustenia chybujúcej aplikácie: 0x01d3961617c57128
Cesta chybujúcej aplikácie: C:\Program Files\Waterfox\waterfox.exe
Cesta chybujúceho modulu: C:\Program Files\Waterfox\xul.dll
Identifikácia hlásenia: 816f6bc8-bb8a-48d3-b9e9-f6826a7b5c60
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/25/2018 08:52:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/25/2018 08:51:53 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/25/2018 08:51:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/25/2018 08:13:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/25/2018 08:13:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/25/2018 08:08:58 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Error: (01/25/2018 06:09:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent


System errors:
=============
Error: (01/25/2018 09:26:51 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/25/2018 09:26:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/25/2018 09:26:43 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/25/2018 09:26:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/25/2018 09:26:35 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/25/2018 09:26:31 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/25/2018 09:26:27 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/25/2018 09:26:23 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/25/2018 09:26:19 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (01/25/2018 09:26:15 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 25%
Total physical RAM: 8173.86 MB
Available physical RAM: 6116.38 MB
Total Virtual: 9453.86 MB
Available Virtual: 7068.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:233.67 GB) (Free:149.69 GB) NTFS
Drive e: (DATA) (Fixed) (Total:230.8 GB) (Free:69.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 857193F0)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=822 MB) - (Type=27)
Partition 4: (Not Active) - (Size=230.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================