Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by kulim (27-03-2018 03:41:37)
Running from C:\Users\kulim\Desktop
Windows 10 Pro Version 1709 16299.309 (X64) (2018-03-20 23:34:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3369908771-193429897-2212577217-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3369908771-193429897-2212577217-503 - Limited - Disabled)
Guest (S-1-5-21-3369908771-193429897-2212577217-501 - Limited - Disabled)
kulim (S-1-5-21-3369908771-193429897-2212577217-1001 - Administrator - Enabled) => C:\Users\kulim
WDAGUtilityAccount (S-1-5-21-3369908771-193429897-2212577217-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Advanced SystemCare 11 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 11.0.3 - IObit)
Aktualizace NVIDIA 31.0.11.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.11.0 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 19 (HKLM-x32\...\{91B33C97-BA3F-5C99-C2A6-0EB17CC9054B}_is1) (Version: 19.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 2018 (HKLM-x32\...\{91B33C97-13C3-34F8-6F7C-328EB595BF40}_is1) (Version: 7.0.1 - Ashampoo GmbH & Co. KG)
Assassin's Creed Origins (HKLM-x32\...\{DAC281DD-7006-49D4-905B-E8BDA474A230}_is1) (Version:  - Ubisoft)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
DECUS Gaming Mouse (HKLM-x32\...\{B62CC42A-D1D9-4E91-BEDE-8614DE2AD943}) (Version: 1.0 - SPEEDLINK)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.24 - NVIDIA Corporation) Hidden
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.2.0 - IObit)
foobar2000 v1.3.17 (HKLM-x32\...\foobar2000) (Version: 1.3.17 - Peter Pawlowski)
GoldWave v5.58 (HKLM-x32\...\GoldWave v5.58) (Version:  - )
Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.3.0.13 - IObit)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 162 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180162F0}) (Version: 8.0.1620.12 - Oracle Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.9029.2253 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3369908771-193429897-2212577217-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Project Professional 2016 - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.9029.2253 - Microsoft Corporation)
Microsoft Visio Professional 2016 - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.9029.2253 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 59.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 59.0.1 (x64 cs)) (Version: 59.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.1 - Mozilla)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.24 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.24 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Ovládací panel NVIDIA 391.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.24 - NVIDIA Corporation) Hidden
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.8557 - Kakao Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8264 - Realtek Semiconductor Corp.)
SharewareOnSale Notifier (HKU\S-1-5-21-3369908771-193429897-2212577217-1001\...\SharewareOnSale Notifier) (Version: 20 - SharewareOnSale)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 2.6.1 - startisback.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{5419625B-B332-4EEC-910D-C0C2953DB084}) (Version: 2.13.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{E1D7CB46-BAE9-4D58-99C4-582332B1755A}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1802.2.51 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2017-09-26] (IObit)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {051914D0-4432-441C-97F5-4559D5EC142F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-21] (Microsoft Corporation)
Task: {0732D020-9839-47C2-A9AB-A216294411BE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-21] (Microsoft Corporation)
Task: {0BAA52EB-3DF9-4A7D-9DAA-FC9FBC3F75A7} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {1C972372-978A-4862-8B26-DC6D02598A45} - System32\Tasks\Driver Booster SkipUAC (kulim) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe [2018-01-11] (IObit)
Task: {2166C674-E1E6-43C3-A506-4EF694610C63} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {276EE7CE-AC31-4E23-B075-0B866E3B54F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-21] (Microsoft Corporation)
Task: {2943B621-CD32-46B2-8E1D-C72A41A5B587} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {3D5C1CA5-188B-4E72-8257-E0FFC39863C1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3D6F1187-2F18-4101-A051-4B23A2958CDC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-21] (Microsoft Corporation)
Task: {422D6D66-99A6-415F-84E0-4B5F3D1F621E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {4BB1E6D0-70D0-433B-84F3-DDFA42CD79C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-21] (Google Inc.)
Task: {5A302C32-1BAD-4A65-9123-749591C26392} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-13] (Microsoft Corporation)
Task: {6C16D1C5-841C-4A89-94C5-7C647EB2F099} - System32\Tasks\ASC11_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2017-11-07] (IObit)
Task: {736FE78D-8A71-4244-8CD0-597AA1A15003} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {7E85D9C0-322B-4C67-AD84-7FF9D6799B22} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-21] (Google Inc.)
Task: {830CBB14-DA9F-4C03-A060-3E32B4A58849} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {8394A21C-BE90-4AB0-8AB1-B97F6165C96C} - System32\Tasks\ASC_ASCTray_Auto => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2017-09-20] (IObit)
Task: {89FE4C55-068B-4190-B40A-59CCD7570A16} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-03-21] (Microsoft Corporation)
Task: {A4C99B8A-47DD-46EC-BEA0-DE3D8625CC0C} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe [2017-12-11] (IObit)
Task: {A9F43A07-1CEE-44C6-AD08-8BE929A4B13F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
Task: {ACAF508C-E0AD-4478-A572-C4D0954FC0D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-21] (Microsoft Corporation)
Task: {B77D9795-78E3-4AA8-B36C-BECDFD252F80} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {BB790988-D912-474D-9FCE-33E456309D6C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {C90AC690-5A10-47A4-A678-9706AB0CE748} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {CFD5584D-62BF-4A4F-BA82-EC09E7C9FA8B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-21] (Microsoft Corporation)
Task: {D7CFA200-990A-4C0C-A7C0-5CE5938A1341} - System32\Tasks\ASC11_SkipUac_kulim => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2017-11-08] (IObit)
Task: {D813992A-19C4-4BD5-AFF0-802877E8AB28} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {DD834D10-A010-42F1-B4F6-D8BE1204BEFC} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [2018-03-04] (www.startisback.com)
Task: {E7D592D7-FC67-4164-B37D-A74CA46AF33E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {EB4DFE86-09FF-49B2-A9D5-9DA1EFB71781} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-13] (Microsoft Corporation)
Task: {FF59CF6A-F50B-41BC-A6B7-961D242D7050} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-03-21] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-03-21 02:56 - 2018-03-16 02:57 - 000544384 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2018-03-20 22:45 - 2018-03-16 00:40 - 000135136 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-03-21 02:38 - 2018-01-10 16:05 - 001269096 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-21 15:08 - 2018-03-21 15:17 - 000076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-03-21 01:53 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-21 01:53 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-03-26 20:23 - 2018-03-26 20:24 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-26 20:23 - 2018-03-26 20:24 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-26 20:23 - 2018-03-26 20:24 - 022050304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-26 20:23 - 2018-03-26 20:24 - 002584576 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\skypert.dll
2018-03-26 20:23 - 2018-03-26 20:24 - 000657408 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-03-21 03:29 - 2014-07-17 23:47 - 003587584 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
2018-03-21 02:58 - 2018-03-21 02:58 - 027809280 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll
2018-03-26 20:24 - 2018-01-30 16:02 - 173143208 _____ () E:\Program Files (x86)\Assassin's Creed Origins\ACOrigins.exe
2018-03-24 22:54 - 2018-01-25 14:01 - 000883712 _____ () E:\Program Files (x86)\Assassin's Creed Origins\oo2core_4_win64.dll
2018-03-24 22:54 - 2018-01-25 14:01 - 000116224 _____ () E:\Program Files (x86)\Assassin's Creed Origins\GFSDK_Aftermath_Lib.x64.dll
2018-03-24 22:54 - 2018-01-25 14:01 - 001853680 _____ () E:\Program Files (x86)\Assassin's Creed Origins\Tobii.GameIntegration.dll
2018-03-24 22:54 - 2018-01-28 21:27 - 000026112 _____ () E:\Program Files (x86)\Assassin's Creed Origins\uplay_r1_loader64.dll
2018-03-24 22:54 - 2018-02-03 12:49 - 000022528 _____ () E:\Program Files (x86)\Assassin's Creed Origins\dbdata.dll
2018-03-21 03:57 - 2018-03-21 04:00 - 002210480 _____ () C:\Program Files\Microsoft Office\Root\Office16\tmpod.dll
2018-03-21 03:57 - 2018-03-21 03:58 - 001401520 _____ () C:\Program Files\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
2018-03-21 04:09 - 2018-03-21 04:09 - 000735920 _____ () C:\Program Files\Microsoft Office\root\Office16\msfad.dll
2018-03-21 04:08 - 2018-03-21 04:09 - 001902776 _____ () C:\Program Files\Microsoft Office\root\Office16\ClientTelemetry.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 000047616 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-03-21 01:53 - 2018-03-01 07:45 - 004173824 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-03-21 01:53 - 2018-03-01 07:44 - 003662336 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2018-03-21 03:59 - 2018-03-21 03:59 - 000240304 _____ () C:\Program Files\Microsoft Office\root\Office16\JitV.dll
2018-03-21 15:03 - 2017-05-22 12:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-03-21 15:03 - 2017-05-22 12:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-03-21 15:03 - 2017-05-22 12:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2018-03-21 02:38 - 2018-01-10 16:05 - 001042280 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-21 14:32 - 2016-08-18 19:43 - 000442144 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2018-03-21 14:32 - 2016-08-18 19:43 - 000210720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2018-03-21 14:32 - 2016-08-18 19:43 - 000059680 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2018-03-21 14:32 - 2015-12-28 14:50 - 000899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
2018-03-21 14:32 - 2017-08-04 14:44 - 000082720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\GetProcessDLL.dll
2018-03-21 14:32 - 2017-06-10 16:33 - 000631584 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2017-08-17 16:51 - 2017-08-17 16:51 - 001993184 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2018-03-21 03:29 - 2013-08-05 15:30 - 000036864 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Lang.dll
2018-03-21 03:29 - 2013-01-29 17:15 - 000061440 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\hiddriver.dll
2018-03-21 02:38 - 2018-01-10 16:05 - 066908520 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-03-21 15:03 - 2018-01-25 18:02 - 000899856 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2018-03-21 15:03 - 2018-01-25 18:01 - 000631568 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2018-03-21 15:03 - 2017-05-22 12:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [182]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3369908771-193429897-2212577217-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1C5E78D4-FB6A-4A52-83C3-0992E4B12ABC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{47D5D279-9BF7-4AC3-8A4B-FA43D060C1A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1956EB1F-A983-4E36-A3A8-5CB4BC4B8782}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1BA3D4B3-926C-4EE2-A8C3-AA07BBABB35B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{839A5449-75FA-4BB0-9A73-5EDBA3F7D4C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B63EB475-3955-4F1A-8E5E-F59D4F142B0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E354D232-1A14-430A-A997-C8875F338658}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B2F6EEDE-BB8D-4746-AFD4-A4BC432A2A18}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E4530FFB-926D-4C0D-B830-0CFE67113BA9}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{2A751DF0-EB96-4867-908C-BF893463F2BD}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [{5AA023A4-FF7E-4AE2-9104-AD5E2FCDE7DF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{B8C260FE-4143-444A-BAD9-0324330C8C49}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{99CF59D6-C79F-4BA9-A4E8-2840937DDC43}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{998E8105-EBA7-46B5-8E41-99FE3FE9A7EF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{07244C76-05F1-4D2C-9326-7E22E70906AA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{4DECD6A0-BB61-481D-9A18-6845BE3E4940}D:\programy\office 2013-2016 c2r install v5.3 ok!!!\files\bin\kmss.exe] => (Allow) D:\programy\office 2013-2016 c2r install v5.3 ok!!!\files\bin\kmss.exe
FirewallRules: [UDP Query User{0751D074-FC56-426A-BE3B-8AD5E876FCCD}D:\programy\office 2013-2016 c2r install v5.3 ok!!!\files\bin\kmss.exe] => (Allow) D:\programy\office 2013-2016 c2r install v5.3 ok!!!\files\bin\kmss.exe
FirewallRules: [TCP Query User{708ED8C1-0E2D-472F-9C78-09EABFDCDB8A}D:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{B4183EFB-8A0C-4356-BD2D-E4AE110B34F1}D:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{AB65D2A1-7AA4-4529-A1DF-B8EFC2F03AA1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe
FirewallRules: [{AF669AFD-A5FA-4FA7-9F8C-345C7AE986C8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe
FirewallRules: [{8610C879-AE25-40D8-AF73-B326058B9FAB}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DBDownloader.exe
FirewallRules: [{703210C7-F15F-42FD-BC62-4C9B41BD8CA4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DBDownloader.exe
FirewallRules: [{9EF0F0F0-2066-4CBB-A137-68E7B1A9717B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\AutoUpdate.exe
FirewallRules: [{ED6FEB8B-3C6D-4422-BDA5-D614C59A8FC7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\AutoUpdate.exe
FirewallRules: [{9A2986F1-8C6F-4175-ACFF-4BF357276A14}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{EC767721-4AAD-4567-BBCB-253CA8F7131C}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{38B40561-BAEB-4F04-8F46-88B7CB0848B7}] => (Block) %ProgramFiles% (x86)\IObit\Advanced SystemCare\ASC.exe
FirewallRules: [{11001D3C-FB7D-49D4-A2C5-B75DB93A8E1D}] => (Block) %ProgramFiles% (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [TCP Query User{E57F6DED-2E6E-4FB5-B58A-B92F4A89C38E}C:\program files (x86)\java\jre1.8.0_162\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_162\bin\javaw.exe
FirewallRules: [UDP Query User{B000AD86-063A-47EB-BBC1-81439E0220A5}C:\program files (x86)\java\jre1.8.0_162\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_162\bin\javaw.exe
FirewallRules: [TCP Query User{5119EA1F-6DBA-4D7E-A91F-83AE1B9AC1E5}D:\program files (x86)\activision blizzard\call of duty black ops iii\blackops3.exe] => (Allow) D:\program files (x86)\activision blizzard\call of duty black ops iii\blackops3.exe
FirewallRules: [UDP Query User{91B7B3F4-FD16-4834-8B85-694901FEC24D}D:\program files (x86)\activision blizzard\call of duty black ops iii\blackops3.exe] => (Allow) D:\program files (x86)\activision blizzard\call of duty black ops iii\blackops3.exe
FirewallRules: [{168A5866-BB86-4783-817E-2BE023D32E15}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{052520F1-4D9A-44D0-B8F8-636606B5F695}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8CFB972D-44AA-45A3-9240-4366AABD2325}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{769BD684-334B-490A-B170-BD7A264F0314}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{37E6A8B2-AA8A-4891-B06B-4F2BDBCF2A94}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{DE1C87B9-3111-499B-8CD3-8493F4054550}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{4588D137-3D73-41A4-8065-CA6327A971BF}D:\program files (x86)\ea games\need for speed most wanted\nfs13.exe] => (Allow) D:\program files (x86)\ea games\need for speed most wanted\nfs13.exe
FirewallRules: [UDP Query User{9D40BC05-41A9-4B21-89CC-7D101659FFDB}D:\program files (x86)\ea games\need for speed most wanted\nfs13.exe] => (Allow) D:\program files (x86)\ea games\need for speed most wanted\nfs13.exe
FirewallRules: [TCP Query User{2F3C2FCF-AA45-4073-8CDF-1A35085CE1D9}D:\games\thehunter call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter call of the wild\thehuntercotw_f.exe
FirewallRules: [UDP Query User{5FFB5856-5A96-4B88-A298-A01FA8E93772}D:\games\thehunter call of the wild\thehuntercotw_f.exe] => (Allow) D:\games\thehunter call of the wild\thehuntercotw_f.exe
FirewallRules: [{FCF17F1F-624F-4E8B-BC93-DCB1AA31DCF4}] => (Block) %USERPROFILE%\UniversalApps\Gears of War 4\AppFiles\GearGame\Binaries\UWP64\GearGame.exe
FirewallRules: [{F1DACD47-9215-49DF-9EF5-2DB88FAF1345}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Restore Points =========================

24-03-2018 21:48:30 Before uninstalling Gears of War 4 [FULL REMOVAL]
24-03-2018 22:45:02 Before uninstalling Assassin's Creed Origins
25-03-2018 15:07:24 Nainstalováno rozhraní DirectX
25-03-2018 15:08:40 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
25-03-2018 15:08:47 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
25-03-2018 15:08:58 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
25-03-2018 15:09:10 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
25-03-2018 16:43:23 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
26-03-2018 20:21:37 Before uninstalling Need for Speed™ Payback
26-03-2018 20:46:43 Driver Booster : Microsoft Visual C++ 2017 Redistributable (x86)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/27/2018 01:40:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.8.0.1042, časové razítko: 0x5639dd97
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x08134c35
ID chybujícího procesu: 0x16c8
Čas spuštění chybující aplikace: 0x01d3c55bdb99bea3
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: f1236710-b1ef-4979-a79c-7f16ccac39e3
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2018 01:40:48 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: IAStorDataMgrSvc.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
   na IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   na IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   na IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   na System.Threading.ThreadPoolWorkQueue.Dispatch()
   na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (03/26/2018 08:36:12 PM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (3308,D,0) SUS20ClientDataStore: Pokus o zápis do souboru C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb na posunu 6193152 (0x00000000005e8000) o 16384 (0x00004000) bajtů po 0.001 sekundách selhal. Došlo k systémové chybě 1453 (0x000005ad): K dokončení požadované služby není přidělené místo dostačující. . Operace zápisu selže a dojde k chybě -1011 (0xfffffc0d). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (03/26/2018 08:36:12 PM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (3308,D,0) SUS20ClientDataStore: Pokus o zápis do souboru C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb na posunu 6176768 (0x00000000005e4000) o 16384 (0x00004000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 1453 (0x000005ad): K dokončení požadované služby není přidělené místo dostačující. . Operace zápisu selže a dojde k chybě -1011 (0xfffffc0d). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (03/26/2018 08:36:12 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní. 

Kontext: aplikace Windows

Podrobnosti:
	K dokončení požadované služby není přidělené místo dostačující.  (HRESULT : 0x800705ad) (0x800705ad)

Error: (03/26/2018 08:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.8.0.1042, časové razítko: 0x5639dd97
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x08094c35
ID chybujícího procesu: 0x33a8
Čas spuštění chybující aplikace: 0x01d3c52f4fa3af6e
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 44d82e7d-4d16-4801-adbe-2cd5e14d1dfc
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/26/2018 08:21:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: IAStorDataMgrSvc.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
   na IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   na IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   na IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   na System.Threading.ThreadPoolWorkQueue.Dispatch()
   na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (03/24/2018 09:46:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GearGame.exe, verze: 0.0.0.0, časové razítko: 0x5a667997
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.16299.309, časové razítko: 0x90a96867
Kód výjimky: 0xe06d7363
Posun chyby: 0x0000000000014008
ID chybujícího procesu: 0x2a48
Čas spuštění chybující aplikace: 0x01d3c3a8a2cae7c8
Cesta k chybující aplikaci: C:\Users\kulim\UniversalApps\Gears of War 4\AppFiles\GearGame\Binaries\UWP64\GearGame.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 93987e80-0ebe-4f0b-829f-2a16db1a11fc
Úplný název chybujícího balíčku: Microsoft.SpartaUWP.6a4b8a7800_12.0.0.2_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: GearGameShippingPublic


System errors:
=============
Error: (03/27/2018 01:41:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/27/2018 01:38:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/27/2018 01:38:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/27/2018 01:38:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/27/2018 01:38:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/26/2018 11:10:00 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S8JKV85)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/26/2018 11:10:00 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S8JKV85)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/26/2018 08:22:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2018-03-27 03:30:44.020
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\kulim\AppData\Local\Temp\YZjYIlVt.exe.part
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-S8JKV85\kulim
Název procesu: C:\Program Files\Mozilla Firefox\firefox.exe
Verze podpisu: AV: 1.263.1182.0, AS: 1.263.1182.0, NIS: 119.0.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14600.4

Date: 2018-03-27 03:27:38.075
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\kulim\AppData\Local\Temp\H5+BTfFp.exe.part
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-S8JKV85\kulim
Název procesu: C:\Program Files\Mozilla Firefox\firefox.exe
Verze podpisu: AV: 1.263.1182.0, AS: 1.263.1182.0, NIS: 119.0.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14600.4

Date: 2018-03-22 23:12:54.512
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {671AEA3E-6508-44D0-B0F7-27C372BF9D86}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-03-21 14:53:57.052
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_D:\HRY\COD4\rzr-cod4.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.263.876.0, AS: 1.263.876.0, NIS: 118.8.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-03-21 14:53:57.051
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_D:\PROGRAMY\Microsoft Office 2016 + Čeština + Aktivátor\Aktivace\KMSAuto.exe;file:_D:\PROGRAMY\Öffice 2016 online instal+aktivace\KMS_Tools_Portable_01.02.2018.2b\Programs\Office 2013-2016 C2R Install v6.0.1\OInstall.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.263.876.0, AS: 1.263.876.0, NIS: 118.8.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-03-21 13:30:45.555
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80501002
Popis chyby: V programu nelze najít soubory definic, které pomáhají rozpoznat nežádoucí software. Zkontrolujte aktualizace definičních souborů a opakujte akci. Informace o instalaci aktualizací naleznete v nápovědě a podpoře. 
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-03-21 13:30:45.555
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80501002
Popis chyby: V programu nelze najít soubory definic, které pomáhají rozpoznat nežádoucí software. Zkontrolujte aktualizace definičních souborů a opakujte akci. Informace o instalaci aktualizací naleznete v nápovědě a podpoře. 
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

CodeIntegrity:
===================================

Date: 2018-03-21 02:49:24.721
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\WindowsApps\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-21 02:49:24.699
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\WindowsApps\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-21 02:49:24.676
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\WindowsApps\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-21 02:49:24.652
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\WindowsApps\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-21 02:49:24.624
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\WindowsApps\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-21 02:49:24.597
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\WindowsApps\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-21 02:49:24.574
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\WindowsApps\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-03-21 02:49:24.551
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\WindowsApps\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-6600 CPU @ 3.30GHz
Percentage of memory in use: 45%
Total physical RAM: 16336.06 MB
Available physical RAM: 8849.8 MB
Total Virtual: 18768.06 MB
Available Virtual: 6051.34 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:231.94 GB) (Free:163.36 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (MOJE) (Fixed) (Total:2794.39 GB) (Free:379.96 GB) NTFS
Drive e: (DATA) (Fixed) (Total:1863.01 GB) (Free:278.44 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (ALF) (Fixed) (Total:1464.97 GB) (Free:3.06 GB) NTFS
Drive g: (KULIM) (Fixed) (Total:1329.55 GB) (Free:16.28 GB) NTFS

\\?\Volume{bf68de78-0000-0000-0000-401b3a000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: BF68DE78)
Partition 1: (Active) - (Size=231.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=469 MB) - (Type=27)

========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 10B8AAD3)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 941313F2)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 2794.5 GB) (Disk ID: 55BB1001)

Partition: GPT.

==================== End of Addition.txt ============================