Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by DF (09-03-2018 16:24:49)
Running from C:\Users\DF\Desktop
Windows 10 Home Version 1709 16299.125 (X64) (2017-12-22 09:53:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3694548718-1825946254-3049225486-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3694548718-1825946254-3049225486-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3694548718-1825946254-3049225486-1000 - Limited - Disabled) => C:\Users\defaultuser0
DF (S-1-5-21-3694548718-1825946254-3049225486-1001 - Administrator - Enabled) => C:\Users\DF
Guest (S-1-5-21-3694548718-1825946254-3049225486-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3694548718-1825946254-3049225486-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3694548718-1825946254-3049225486-1001\...\uTorrent) (Version: 3.5.0.44294 - BitTorrent Inc.)
3Planesoft 3D Screensavers All in One 86 (HKLM-x32\...\{6E0D4A47-36E0-42CC-94B9-D8A67F277794}_is1) (Version: 1.86.0.1 - 3Planesoft)
3Planesoft Screensaver Manager 1.4 (HKLM-x32\...\3Planesoft Screensaver Manager_is1) (Version: 1.4 - 3Planesoft)
4K Video Downloader 4.3 (HKLM-x32\...\{F944D21A-044E-439E-B7F6-865A901798E8}) (Version: 4.3.1.2205 - Open Media LLC)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ACDSee Pro 2.5 (HKLM-x32\...\{2D95950E-6D76-43E7-94A5-D9DBA2FD29E4}) (Version: 2.5.335 - ACD Systems International)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{7622903F-BC29-458F-87C8-E8AFD51B87E6}) (Version: 20.21.401.14517 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{7622903F-BC29-458F-87C8-E8AFD51B87E6}) (Version: 20.21.401.14517 - Alcor Micro Corp.)
Alien Isolation (HKLM-x32\...\Alien Isolation_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.7 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0049 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.1.8 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
Balíček ovladače systému Windows - ASUS (AsusSGDrv) Mouse  (08/06/2015 8.0.0.19) (HKLM\...\149F37A1996406108DA0EB71D7EBC48895119059) (Version: 08/06/2015 8.0.0.19 - ASUS)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version:  - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.45.50 - Conexant)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 8.0.0.0631 - Disc Soft Ltd)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.5 - ASUSTek COMPUTER INC.)
Dying Light Ultimate Edition version 1.0.6.1 (HKLM-x32\...\Dying Light Ultimate Edition_is1) (Version: 1.0.6.1 - Mr DJ)
Endless Slideshow Screensaver 1.10.1 (HKLM-x32\...\Endless Slideshow Screensaver_is1) (Version: 1.10.1 - Extreme Internet Software)
FeedDemon (HKLM-x32\...\FeedDemon_is1) (Version: 4.5.0.0 - NewsGator Technologies, Inc.)
FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Hitman (HKLM-x32\...\Hitman_is1) (Version:  - )
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{61a0f1f5-c77e-4992-ba85-029f93cd8d18}) (Version: 10.1.1.27 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 13.8.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.8.0 - KLCP)
Main Services (HKLM\...\{CCDF2023-BC8F-4A8E-A3EC-E2740C879398}) (Version: 2.0.13 - System Native) Hidden <==== ATTENTION
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3694548718-1825946254-3049225486-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 58.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 58.0.2 (x64 cs)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
MP3 CD Doctor (HKLM-x32\...\MP3 CD Doctor Lite_is1) (Version:  - MP3 Surgeon)
Nero 7 Ultra Edition (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301029}) (Version: 7.02.9753 - Nero AG)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Opera Stable 51.0.2830.40 (HKLM-x32\...\Opera 51.0.2830.40) (Version: 51.0.2830.40 - Opera Software)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Prey v.1.0 (HKLM-x32\...\Prey_is1) (Version:  - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.6 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Registrace uživatele zařízení Canon MP280 series (HKLM-x32\...\Registrace uživatele zařízení Canon MP280 series) (Version:  - )
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Shadow.Warrior.2.Deluxe.Edition.[v.1.1.3.0]-ALI213 version 1.1.3.0 (HKLM-x32\...\{ACB6FC5F-552D-4C67-A0F5-25555114841B}}_is1) (Version: 1.1.3.0 - Ali213.net)
Syberia 3 (HKLM-x32\...\Syberia 3_is1) (Version:  - )
The Painscreek Killings (HKLM-x32\...\The Painscreek Killings_is1) (Version:  - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.581  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-3694548718-1825946254-3049225486-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)
WinMend Folder Hidden 1.6.4 (HKLM-x32\...\WinMend Folder Hidden_is1) (Version:  - WinMend.com)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-08] (AVAST Software)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-08] (AVAST Software)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-19] ()
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-08] (AVAST Software)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-19] ()
ContextMenuHandlers4-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2016-11-30] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-08] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-19] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B7A949-7C71-4219-9EE8-0C5BCFFAD1F5} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {1165762F-D2FA-4B50-9543-7B6776503F01} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-17] (AsusTek)
Task: {11B919A4-6CD4-44F0-AC82-5AE16C9EDC85} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {1838D7D3-2A97-45B7-9137-D1F41BAC28D6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {204A2799-8D5B-4BCE-8AEF-56BEB067E752} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {25CA6780-DACD-4452-B324-E12A9E61762B} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {297314D2-AFB7-4025-81D2-8916FACB1D13} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {2ACCF2EB-57B2-48A0-8ADE-A256E520C90A} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {2D9E8C2B-B599-42F1-B6D8-838E9519B455} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2016-02-23] (ASUSTek Computer Inc.)
Task: {431EDDF4-0954-4503-9CEF-6A346C2AA151} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {45DFB3A0-CC0C-4B20-9549-248F840602F8} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {5FA71342-5087-4B1F-828F-540394D1CDE1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {5FD0C56A-05A3-4A07-B153-4A96AC5C3305} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {615464AE-ED91-444A-BBBC-4AE9FFD2497E} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2016-09-30] (ASUS)
Task: {6DADF64B-FBF0-4085-9941-ED30BD8B24D0} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {6FF38E08-2FBD-4462-B68B-FB88EAF57414} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2018-01-31] ()
Task: {7599516D-5E2C-4712-8D5C-691BC2903A31} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {7B6682F6-3AD1-4B42-B133-81956FE079C3} - System32\Tasks\WinmendUpdateTask_DF => C:\Program Files (x86)\WinMend\Folder Hidden\LiveUpdate.exe [2017-06-19] ()
Task: {860E7C17-1722-449F-B2C3-027872A99DAE} - System32\Tasks\Opera scheduled Autoupdate 1497789448 => C:\Program Files\Opera\launcher.exe [2018-02-21] (Opera Software)
Task: {981540BF-CDB0-46B8-ABBD-6B7FEDAA2E6F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {A5511F05-DD23-4089-B6E6-F5551F484EE6} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {B0D94A1E-4B01-44FA-B452-5137FF1E9F3C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {BE3CEF64-42FE-4A49-9CB4-E98DF4CF88FB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
Task: {CF03A20D-6DFB-4220-84DE-AFA8AF5E6012} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {D09770AE-609C-4D86-BC6B-6E97237BE5D9} - System32\Tasks\S-1-5-21-3694548718-1825946254-3049225486-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {D2426FB7-B14E-49FE-A562-6A0FDD877826} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-08] (AVAST Software)
Task: {D81FF288-7101-479D-A50C-96F80DAFDC0C} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-07-07] (ASUSTek COMPUTER INC.)
Task: {D8308E0F-32FB-46C9-979A-85E57440B697} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-07] (AVAST Software)
Task: {E1F19737-3900-4BF7-A905-8AC391FA526A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E3FD9189-0D12-46E1-B6BA-56C624F02DB4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {F1BF6F52-19A1-4349-A55B-CB0E78E8B23A} - System32\Tasks\WpsExternal_20161114022915 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\WinmendUpdateTask_DF.job => C:\Program Files (x86)\WinMend\Folder Hidden\LiveUpdate.exe
Task: C:\WINDOWS\Tasks\WpsExternal_20161114022915.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-02-22 16:45 - 2017-10-27 17:12 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-06-18 19:59 - 2017-10-11 02:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-06-19 16:38 - 2008-06-19 23:41 - 000062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-18 16:34 - 2007-09-02 12:58 - 000495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2017-06-18 19:59 - 2017-10-11 02:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-06-18 16:34 - 2007-09-02 12:57 - 000069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2018-03-08 23:16 - 2018-03-08 23:16 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-03-08 23:15 - 2018-03-08 23:15 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-08 23:15 - 2018-03-08 23:15 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-06-18 19:59 - 2017-10-11 02:05 - 070805952 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-05-16 22:50 - 2016-05-16 22:50 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-09-30 20:33 - 2016-09-30 20:33 - 000033280 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2016-09-30 20:33 - 2016-09-30 20:33 - 000125440 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-09-30 20:33 - 2016-09-30 20:33 - 000029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3694548718-1825946254-3049225486-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3694548718-1825946254-3049225486-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2018-03-08 23:03 - 000007019 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 a-msedge.net
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.atdmt.com

There are 164 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3694548718-1825946254-3049225486-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\DF\Documents\Pics\01 Wallpapers\347018.jpg
DNS Servers: 10.106.4.1 - 10.106.47.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-3694548718-1825946254-3049225486-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6E7FAF4A-5BFD-401E-8354-3FFAD3F507DF}] => (Allow) C:\Users\DF\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{32FEA8FA-D2A4-4E21-B349-DAE32C641B1E}] => (Allow) C:\Users\DF\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A67F75D6-737E-4E79-A85B-0394B0EB0162}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0EF0D8B1-4E31-461D-A8D5-6375D4B2449A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1AA12706-FF97-44E9-AD1E-F8093918B7E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{83F2FA46-C98D-4764-B2A0-D321745ECADB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{77B4C3BE-7A73-41CE-B7C0-EF8DAD2BAC20}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [UDP Query User{E6E3C96C-CB92-4925-9F00-639483B0CB78}C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe] => (Allow) C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe
FirewallRules: [TCP Query User{57C62412-F578-4B1F-988F-BF8BEF76C05B}C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe] => (Allow) C:\program files (x86)\r.g. mechanics\alien isolation\ai.exe
FirewallRules: [UDP Query User{A015868B-2A98-49A7-B375-0FE8F8A7834A}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{23DA9C40-EE9C-4952-9BA1-7690AF7D760D}C:\program files (x86)\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\grand theft auto v\gta5.exe
FirewallRules: [{CFFBEC43-0B8C-4E9A-91D4-FFA401974AC8}] => (Allow) C:\Program Files (x86)\Mr DJ\Dying Light Ultimate Edition\DyingLightGame.exe
FirewallRules: [{556507FC-C646-4925-B3C7-4008FD5BAA10}] => (Allow) C:\Program Files (x86)\Mr DJ\Dying Light Ultimate Edition\DyingLightGame.exe
FirewallRules: [{8B9C2FBF-47DF-43C3-8E1F-59DEA6663BAC}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{E8C77169-232D-4C22-8A81-F00C57405509}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{A1361327-3D71-4E86-A9B1-B8756CA8F44C}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{7574601D-1232-4578-9A06-7CAE697E77ED}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
FirewallRules: [{3AB49C91-1BD9-4ABB-8E50-C05C7EA1AB3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5DAA33BB-97F4-42D0-8CFB-5C8C4547CB57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E31D6E1D-C3EC-4F46-8047-D033EFD3EB66}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{47696EC7-11CF-4234-B936-47CE5EF65AB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{DE687BD6-6CB9-4592-A7A6-E7024ECE73F8}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{B1209579-86FC-48DF-B3AC-0D3D1F9D20BF}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [{EB113D06-978D-475B-91CA-6FFE72C1FB8D}] => (Allow) C:\Program Files\Opera\51.0.2830.34\opera.exe
FirewallRules: [{101CDD03-F9AB-47CB-91F7-C4597AA1592F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C396BDBF-5B9A-4EF0-8725-23A4B6960D17}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FE0BE42C-AF6C-460A-B6E0-AB0973E46759}C:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) C:\games\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [UDP Query User{B3F631DC-C42C-4634-AF7F-9C155F4E74CB}C:\games\prey\binaries\danielle\x64\release\prey.exe] => (Allow) C:\games\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [{4DC2C5BF-8655-4FF7-95DC-8DB1720FCCBF}] => (Allow) C:\Program Files\Opera\51.0.2830.40\opera.exe

==================== Restore Points =========================

14-02-2018 16:19:29 Windows Update
21-02-2018 15:15:41 Windows Update
03-03-2018 08:41:57 Naplánovaný kontrolní bod
08-03-2018 20:43:59 Installed Microsoft Office Professional Plus 2016
08-03-2018 20:44:27 PROPLUS

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/08/2018 10:07:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.16299.15 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1e5c

Čas spuštění: 01d3b7216863ee71

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

ID hlášení: bc63dd36-7329-4654-a94c-7c5376683bcc

Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy

ID aplikace související s balíčkem s chybou: App

Error: (03/08/2018 10:07:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-EORD0IQ)
Description: Balíček Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (03/08/2018 09:37:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ae1bd979cf.exe, verze: 0.0.0.0, časové razítko: 0x5823506b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000409
Posun chyby: 0x100cdb85
ID chybujícího procesu: 0x2bb0
Čas spuštění chybující aplikace: 0x01d3b71cd5695ffa
Cesta k chybující aplikaci: C:\ProgramData\0163fa1137\ae1bd979cf.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 6ff9177a-b2d0-4941-a650-79fafef38066
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/08/2018 07:12:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDSeeQVPro25.exe, verze: 2.0.99.0, časové razítko: 0x48b5fa15
Název chybujícího modulu: IDE_ACDStd.apl, verze: 5.0.56.0, časové razítko: 0x48b87e02
Kód výjimky: 0xc0000409
Posun chyby: 0x0000eb6b
ID chybujícího procesu: 0x1f70
Čas spuštění chybující aplikace: 0x01d3b708f8f49890
Cesta k chybující aplikaci: C:\Program Files (x86)\ACD Systems\ACDSee Pro\2.5\ACDSeeQVPro25.exe
Cesta k chybujícímu modulu: c:\program files (x86)\acd systems\acdsee pro\2.5\plugins\IDE_ACDStd.apl
ID zprávy: b107ee56-958b-4f59-a07c-a3698eaac5e4
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/07/2018 06:37:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setup.tmp, verze: 51.1052.0.0, časové razítko: 0x506a75b5
Název chybujícího modulu: botva2.dll_unloaded, verze: 0.9.7.151, časové razítko: 0x2a425e19
Kód výjimky: 0xc000041d
Posun chyby: 0x00005514
ID chybujícího procesu: 0x15f0
Čas spuštění chybující aplikace: 0x01d3b638d39dd6ac
Cesta k chybující aplikaci: C:\Users\DF\AppData\Local\Temp\is-A1G1N.tmp\setup.tmp
Cesta k chybujícímu modulu: botva2.dll
ID zprávy: c2717d08-ce19-447b-9f3b-e5db4157861c
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/07/2018 06:37:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setup.tmp, verze: 51.1052.0.0, časové razítko: 0x506a75b5
Název chybujícího modulu: botva2.dll_unloaded, verze: 0.9.7.151, časové razítko: 0x2a425e19
Kód výjimky: 0xc0000005
Posun chyby: 0x00005514
ID chybujícího procesu: 0x15f0
Čas spuštění chybující aplikace: 0x01d3b638d39dd6ac
Cesta k chybující aplikaci: C:\Users\DF\AppData\Local\Temp\is-A1G1N.tmp\setup.tmp
Cesta k chybujícímu modulu: botva2.dll
ID zprávy: de32af19-798d-4f5d-bc5f-691e7cd4e242
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/07/2018 06:15:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe, verze: 10.0.16299.15, časové razítko: 0x9c786b9a
Název chybujícího modulu: installservice.dll, verze: 10.0.16299.125, časové razítko: 0x6af99607
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000011a19
ID chybujícího procesu: 0x23d0
Čas spuštění chybující aplikace: 0x01d3b637d630b3e6
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\installservice.dll
ID zprávy: 8a2f1aa1-96e5-4066-bee6-d40fc07fd719
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/26/2018 07:35:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: setup.tmp, verze: 51.1052.0.0, časové razítko: 0x506a75b5
Název chybujícího modulu: botva2.dll_unloaded, verze: 0.9.7.151, časové razítko: 0x2a425e19
Kód výjimky: 0xc000041d
Posun chyby: 0x00005514
ID chybujícího procesu: 0x1cac
Čas spuštění chybující aplikace: 0x01d3af288ad934dc
Cesta k chybující aplikaci: C:\Users\DF\AppData\Local\Temp\is-VL0C4.tmp\setup.tmp
Cesta k chybujícímu modulu: botva2.dll
ID zprávy: 67cd0d53-fcf3-4d68-8126-3f41cd6d7479
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

