Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Lucie (31-03-2019 15:24:53)
Running from C:\Users\Lucie\Desktop
Windows 10 Home Version 1803 17134.648 (X64) (2018-08-08 09:44:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2958511863-688122282-2054044581-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2958511863-688122282-2054044581-503 - Limited - Disabled)
Guest (S-1-5-21-2958511863-688122282-2054044581-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2958511863-688122282-2054044581-1003 - Limited - Enabled)
Lucie (S-1-5-21-2958511863-688122282-2054044581-1001 - Administrator - Enabled) => C:\Users\Lucie
WDAGUtilityAccount (S-1-5-21-2958511863-688122282-2054044581-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
ASUS FlipLock (HKLM\...\{7C7F8DAC-8ADA-4B86-BCB6-48B6FFB673DD}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.0 - ASUS)
ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.6 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.03.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Balíček ovladače systému Windows - ASUS (ATP) Mouse  (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1016 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 1.6.4718.78 - Waves Audio Ltd.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2958511863-688122282-2054044581-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.2 (x64 cs)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.2.7024 - Mozilla)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.2 - Tracker Software Products Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.332 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.102 - Skype Technologies S.A.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Outlook 2007 Junk Email Filter (kb979895) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D45674C6-9127-4C84-8826-93FBC552DF53}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
VMware Player (HKLM\...\{6D211A09-EB2A-4B83-ACCB-13B1BC12AF4E}) (Version: 12.5.2 - VMware, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - Kionix, Inc. (kxspb) Sensor I/O devices  (10/21/2014 1.2.7.9) (HKLM\...\C38347B1F2610B28BFC196DC49544B06129D43BA) (Version: 10/21/2014 1.2.7.9 - Kionix, Inc.)
Windows Driver Package - Kionix, Inc. (WUDFRd) Sensor  (10/21/2014 1.0.19.2) (HKLM\...\F7038EE78CCD48375CE4C803EAA8ECE752A0B945) (Version: 10/21/2014 1.0.19.2 - Kionix, Inc.)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2958511863-688122282-2054044581-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2016-11-12] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2016-11-12] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSContextMenu.dll [2014-08-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C2D52B-7BF3-4942-A3A2-93D2F2E211B6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0E82B2DA-68B8-4FE7-A47C-BD2E1E95CC1A} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK Computer Inc. -> ASUS)
Task: {10177DA9-1C94-44CE-869A-EBCE84675518} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {31AA700B-2C9F-4DB1-923A-0696280B22FE} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {3284C59E-78AE-43E6-9AD0-DFEC7F54EACB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {36CBD6E2-4133-4BC1-B558-0A034DA35324} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3852A76B-2A2C-4C0F-A375-D29138A8B64D} - \WPD\SqmUpload_S-1-5-21-2958511863-688122282-2054044581-1001 -> No File <==== ATTENTION
Task: {3A70766C-AA73-4FAE-8D49-E22FC5D728B1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3DC11B95-A1DA-4E93-AC57-01AD475E9EE0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {3FE64AE6-98E0-4AB7-90A0-333BF08DDA21} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4E49732F-FDC2-49D1-A8DD-30D259863C1C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe (ASUSTeK Computer Inc. -> AsusTek)
Task: {5B2E828B-B426-4F1C-8A37-BBD3326979F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {5BE3C060-09BE-4BF4-A81C-E609B561EDE1} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {60BDCFC4-ED7E-46CC-B724-2FAD2C4DD74E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6149E7ED-85BA-48F0-A6DC-AA2AD93B7057} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {7204D1C3-C4A0-4078-A1BC-A577C41B5BA9} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {88C32D48-7FCE-4495-82E0-FB12580FEAEE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8A2239D5-39C4-460A-936F-724F4DD6DF07} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {8F2126E3-436B-4670-ACC0-F773A07BE2C5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {92EED8DE-E658-42E3-BF82-14331EF1457C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {9E65B93D-573F-4688-AAC6-365B662CBE0F} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe (ASUSTeK Computer Inc. -> ASUSTek Computer INC.)
Task: {B1021D80-3953-415B-8C3F-A564B8AF6369} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B9190834-2627-4F45-A81A-B5D7A8CB09AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CB4918BB-CC4B-4F54-B0E8-6B8DD8B66AC5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CCCE704A-464D-4A18-93F5-7C84532FF6FF} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe () [File not signed]
Task: {DAAF1ABD-AF21-4D46-9B48-37A9F451CE38} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E95C4209-38E1-4E95-AB91-FEFCB37538D5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F1F47659-BC84-481D-A209-639A10DCE29C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {FCE89164-872B-4AE9-934A-F99D9FF19003} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-10-30 12:57 - 2014-10-30 12:57 - 000007680 _____ (ASUS) [File not signed] C:\Program Files\ASUS\ASUS FlipLock\FlipService.exe
2014-08-20 07:14 - 2014-08-20 07:14 - 000071168 _____ (ASUS Cloud Corporation) [File not signed] C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
2014-09-28 23:58 - 2014-09-28 23:58 - 000323584 _____ (Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
2014-10-30 12:57 - 2014-10-30 12:57 - 000016896 _____ () [File not signed] C:\Program Files\ASUS\ASUS FlipLock\FlipController.exe
2014-10-30 12:57 - 2014-10-30 12:57 - 000009216 _____ () [File not signed] C:\Program Files\ASUS\ASUS FlipLock\WMIProc.dll
2014-09-11 20:31 - 2014-09-11 20:31 - 001600000 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\Splendid\Alb_ASUSLib.dll
2014-09-11 20:31 - 2014-09-11 20:31 - 000167424 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2014-09-11 20:31 - 2014-09-11 20:31 - 000124928 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2958511863-688122282-2054044581-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lucie\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\49091391_419226198816861_9062998220015140864_n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BE534012-D923-4B0D-8DCC-EECEE305220F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3270CE75-06FC-4083-A519-94BDB7E5726C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A084F5B7-943B-4BFB-923D-A2810C44969A}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{087F6786-E84F-432C-AC33-0195D81FA3CF}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{9D5480E3-A333-4A96-9469-D300297F4E83}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3962C50C-E8CF-4587-BD0E-B5C1E3925CA6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E6620684-7E27-4BEA-803C-86149585397C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{76858A30-0D79-4696-9C7C-0DD9AA6A47BC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B05A07BE-9B96-45DD-8C8E-2C57DB36A010}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AD50A8B7-5E53-429B-A2BF-DB8B7495AB2C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

==================== Restore Points =========================

13-03-2019 20:08:28 Windows Update
20-03-2019 23:16:22 Windows Update
29-03-2019 08:02:29 Naplánovaný kontrolní bod
30-03-2019 14:08:29 Installed WinZip 23.0.

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/29/2019 11:27:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: PhoneDataSync.dll_unloaded, verze: 10.0.17134.1, časové razítko: 0xa73f20d7
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000032adf
ID chybujícího procesu: 0x32c0
Čas spuštění chybující aplikace: 0x01d4e66113ceb8db
Cesta k chybující aplikaci: c:\windows\system32\svchost.exe
Cesta k chybujícímu modulu: PhoneDataSync.dll
ID zprávy: 8ce7ee16-0fca-4e3b-b14e-a8470a61ccd6
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/28/2019 11:15:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15610

Error: (03/28/2019 11:15:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15610

Error: (03/28/2019 11:15:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/25/2019 07:17:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.17134.1, časové razítko: 0x5ace103a
Název chybujícího modulu: igd10iumd64.dll, verze: 20.19.15.4549, časové razítko: 0x5825237d
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000041482
ID chybujícího procesu: 0x9b4
Čas spuštění chybující aplikace: 0x01d4e2c9e40ffb50
Cesta k chybující aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\igd10iumd64.dll
ID zprávy: 464b0f75-8ef7-4494-89b5-1bd608f203b7
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (03/24/2019 11:38:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15593

Error: (03/24/2019 11:38:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15593

Error: (03/24/2019 11:38:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/31/2019 10:17:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/31/2019 10:14:17 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/31/2019 10:11:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/30/2019 10:08:41 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/30/2019 10:07:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
Windows.SecurityCenter.WscDataProtection
 a APPID 
Není k dispozici
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/30/2019 10:07:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID 
Windows.SecurityCenter.WscBrokerManager
 a APPID 
Není k dispozici
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/30/2019 10:06:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/30/2019 10:06:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby FontCache3.0.0.0 bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===================================
Date: 2019-03-30 19:32:34.138
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {43409255-15C0-4B8C-8B95-168220C9EC69}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-21 16:09:12.367
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9631FF85-7F5D-4362-AB89-52639BFFB793}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-21 15:51:15.552
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {88E33897-6147-4D8E-9C57-C0F0FB9E83ED}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-16 18:52:18.138
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D6FB546D-9130-41A0-B7C3-591ADCB6DD5D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-15 19:45:25.895
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {63CEF7F7-8C91-4FAF-A782-503EA2B45CAD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz
Percentage of memory in use: 52%
Total physical RAM: 3999.08 MB
Available physical RAM: 1887.18 MB
Total Virtual: 5279.08 MB
Available Virtual: 2803.48 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:305.76 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:528.29 GB) NTFS

\\?\Volume{4c07c5a6-e4ea-4df8-b4c5-903ba9f0404e}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.57 GB) NTFS
\\?\Volume{756ca9f1-b434-40fd-9a1a-4ad088f8a177}\ (Restore) (Fixed) (Total:15.01 GB) (Free:3.73 GB) NTFS
\\?\Volume{ac908707-f009-4d1d-a779-82490ec3b949}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5CB1E968)

Partition: GPT.

==================== End of Addition.txt ============================