Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018 Ran by przem (04-02-2018 10:21:50) Running from C:\Users\przem\Downloads Windows 10 Home Version 1703 15063.850 (X64) (2017-08-06 01:55:54) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2227386290-2385267191-4023304224-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2227386290-2385267191-4023304224-503 - Limited - Disabled) Guest (S-1-5-21-2227386290-2385267191-4023304224-501 - Limited - Disabled) przem (S-1-5-21-2227386290-2385267191-4023304224-1001 - Administrator - Enabled) => C:\Users\przem ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) «Witcher 3 - Wild Hunt» 1.0.2.0 (HKLM-x32\...\{BF679CAD-FE6D-4CBE-9E99-D7193809207A}_is1) (Version: 1.0.2.0 - CD Project RED) µTorrent (HKU\S-1-5-21-2227386290-2385267191-4023304224-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.) Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.5.24 - ASUSTek Computer Inc) ASUS Input Configuration (HKLM-x32\...\{7DDF7571-64BD-4232-9729-20FF10CE6C62}) (Version: 1.0.3 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS) ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.14 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.2.0 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0049 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.2.9 - ICEpower a/s) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software) CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform) Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.5 - ASUSTek COMPUTER INC.) Epic Games Launcher (HKLM-x32\...\{025C48EC-4F3F-4AC7-8502-F804F18C8B57}) (Version: 1.1.129.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD) GameFirst IV (HKLM-x32\...\{370651DD-8ABF-4807-9533-0869FDF79BFA}) (Version: 1.5.31 - ASUSTeK COMPUTER INC.) Hidden GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.31) (Version: 1.5.31 - ASUSTeK COMPUTER INC.) Gaming Mouse Driver (HKLM-x32\...\{2F9C99E1-A1D2-4ADB-AFA0-3A1ED9471811}) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden GSmartControl (HKLM-x32\...\GSmartControl) (Version: 1.1.3 - Alexander Shaduri) Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1035 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4599 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{7FADF1ED-241A-4F82-B8FD-19BD0A82FFA0}) (Version: 19.11.1639.0649 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8827.2148 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2227386290-2385267191-4023304224-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) NVIDIA 3D Vision Driver 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation) NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation) NVIDIA Graphics Driver 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8827.2148 - Microsoft Corporation) Hidden Opera Stable 50.0.2762.67 (HKLM-x32\...\Opera 50.0.2762.67) (Version: 50.0.2762.67 - Opera Software) Pro Evolution Soccer 2016 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - ) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.721 - Razer Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.29093 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8098 - Realtek Semiconductor Corp.) ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 2.0.3 - ASUS) ROG Gaming Center Core (HKLM\...\{09D386DB-324B-4E81-8D21-5AF1433ED600}) (Version: - ) Soda PDF Desktop (HKLM-x32\...\SodaDesktop) (Version: 9.0.38.31816 - LULU Software) Soda PDF Desktop View Module (HKLM\...\{CAF75E2A-9CD6-49CC-962D-BFF08DBE5EEB}) (Version: 9.0.38.31757 - LULU Software) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-2227386290-2385267191-4023304224-1001\...\TeamSpeak 3 Client) (Version: 3.1.5 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation) Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.) Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation) Windows Driver Package - ASUS (AsusHFilter) HIDClass (12/19/2016 1.0.0.2) (HKLM\...\EEDD19DDF3F0CA7CFA2F4C500D442DD1FEB434F6) (Version: 12/19/2016 1.0.0.2 - ASUS) Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (09/23/2016 11.0.0.14) (HKLM\...\F95583A62AB902A3FC263F668380483F9E0113CD) (Version: 09/23/2016 11.0.0.14 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B}) (Version: 21.0.12288 - WinZip Computing, S.L. ) WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 10.1.0.5644 - Kingsoft Corp.) XSplit Gamecaster (HKLM-x32\...\{B118E6BC-2880-485F-A661-ACE63DBCB0FB}) (Version: 2.9.1701.1609 - SplitmediaLabs) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2227386290-2385267191-4023304224-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-04] (AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-04] (AVAST Software) ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File ContextMenuHandlers1: [WinZip] -> [CC]{E0D79304-84BE-11CE-9641-444553540000} => -> No File ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-04] (AVAST Software) ContextMenuHandlers4: [WinZip] -> [CC]{E0D79304-84BE-11CE-9641-444553540000} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e328441500a1789d\igfxDTCM.dll [2017-03-07] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-04] (AVAST Software) ContextMenuHandlers6: [WinZip] -> [CC]{E0D79304-84BE-11CE-9641-444553540000} => -> No File ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0B4E5D1E-834B-44BE-A2FF-421C235B1069} - System32\Tasks\WpsKtpcntrQingTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exe [2016-11-17] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {0BB71945-E115-4803-AE23-EEE42DEBDF90} - System32\Tasks\WpsExternal_20161117083023 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [2016-11-17] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {1434994B-BFFE-432D-BB60-CA5978AAFA98} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-23] (ASUSTek Computer Inc.) Task: {16F2B46C-7D0B-4942-B555-E69471CF6317} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation) Task: {187A11A2-6EE3-4330-A3E3-0F110BB2EA48} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-09] (AVAST Software) Task: {1B640FFA-31DE-4D01-ABD9-A152D47BDF21} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-23] (Microsoft Corporation) Task: {1BE4B59B-772B-4CFC-AFB3-F8E79BBB1D58} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-25] (Adobe Systems Incorporated) Task: {1CB55E9A-F088-4201-B1FA-873CDC66B9D8} - System32\Tasks\Opera scheduled Autoupdate 1501985499 => C:\Program Files\Opera\launcher.exe [2018-01-22] (Opera Software) Task: {1F302CBE-B69A-4DF8-90AF-0A890400B064} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation) Task: {392DCD6C-DBEA-4954-86D8-4CB2F539D120} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation) Task: {3A01CDBD-09CF-4CD8-AC3C-688110D06F85} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation) Task: {3A1FFB9E-EF25-454A-93C6-7516805BFA48} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation) Task: {546F979B-9090-4FCD-A633-B7DDAA17CED3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-25] (Adobe Systems Incorporated) Task: {5931A6C9-5B1E-42A1-BF3D-015C8AC76C97} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {5B9F85B3-A5FC-464B-8F4D-12FFF4D8B601} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-02] (Google Inc.) Task: {5C636D3A-75DF-484C-A2FC-10ACC8DCC829} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-23] (Microsoft Corporation) Task: {646A57CA-B10B-424B-9647-948B54FB5AD8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation) Task: {64C793D6-95E5-4E00-854A-3B0244A2D813} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2016-11-14] (ASUSTek Computer Inc.) Task: {66CEF64C-7757-4089-A16C-DE3E5DE22F81} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-03-23] (Realtek Semiconductor) Task: {778EB911-DEDE-4282-A272-EE1DE06A3D92} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation) Task: {796F3C5A-C5B8-457A-9548-FABB584DFE5D} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [2016-11-24] (ASUSTek Computer Inc.) Task: {825A57A0-4870-4F9D-BC2B-C14C5681A7CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-02] (Google Inc.) Task: {A6584BEA-C23B-4679-A53F-1F8DC2728A22} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-11-10] (WinZip Computing, S.L.) Task: {A6D44CBC-801E-44FA-9BA5-1BB54EF12DA3} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {B4CE4C2F-C8F1-4D0B-B8A9-9FBB269E4042} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation) Task: {B76BA94B-3EAF-469F-8011-3AD4A2AAE220} - System32\Tasks\S-1-5-21-2227386290-2385267191-4023304224-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-11-02] (Microsoft Corporation) Task: {BB955A68-54DC-4B04-B4BB-7B4C4DA8CBF6} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2016-10-13] (ASUS) Task: {C4A8608F-D87D-4025-B8F9-668813AB0361} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {C50830E4-4E94-4047-8BC4-CA75DE7845F0} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-03-23] (Realtek Semiconductor) Task: {CE22A534-BB97-420D-AF2C-635A804382A8} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-07-08] (ASUSTek COMPUTER INC.) Task: {CE65B2EC-E443-4ADA-B6F8-3A51C539190C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation) Task: {CFF61F0B-FADC-41C4-B8AF-3E7A901FFBDA} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-23] (ASUSTek Computer Inc.) Task: {D29ECC2A-97E9-4DEF-9FFE-5D5B81E3F6DF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-01-04] (AVAST Software) Task: {D458EDBA-B801-46C4-8CC7-77CC4D3E3F54} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation) Task: {D4FF7AB8-66A2-47A4-A66A-5802520B40EA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-15] (Microsoft Corporation) Task: {F242ADBE-BE66-49D0-8AEB-D931CB185966} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2017-07-03] (ASUSTek Computer Inc) Task: {F69DBA2F-0D3D-4755-9829-7A2713AB3C8F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\WpsExternal_20161117083023.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exeÃqing 10.1.0.5644 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-08-06 02:08 - 2017-08-22 00:10 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-05-17 05:58 - 2017-10-11 02:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-01-31 14:34 - 2018-01-31 14:34 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-01-31 14:34 - 2018-01-31 14:34 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-01-31 14:34 - 2018-01-31 14:34 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-01-31 14:34 - 2018-01-31 14:34 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll 2018-01-31 14:34 - 2018-01-31 14:34 - 000667136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2017-03-18 21:59 - 2017-03-19 03:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-01-23 16:55 - 2018-01-23 16:55 - 096448600 _____ () C:\Program Files\Opera\50.0.2762.67\opera_browser.dll 2018-01-23 16:55 - 2018-01-23 16:55 - 004207704 _____ () C:\Program Files\Opera\50.0.2762.67\libglesv2.dll 2018-01-23 16:55 - 2018-01-23 16:55 - 000100440 _____ () C:\Program Files\Opera\50.0.2762.67\libegl.dll 2018-01-04 20:28 - 2018-01-04 20:28 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2018-01-04 20:28 - 2018-01-04 20:28 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll 2018-01-04 20:28 - 2018-01-04 20:28 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll 2017-08-05 23:17 - 2017-08-05 23:17 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-01-04 20:28 - 2018-01-04 20:28 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2018-01-04 20:28 - 2018-01-04 20:28 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-05-17 05:58 - 2017-10-11 02:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-06 05:17 - 2016-10-06 05:17 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-04-27 18:24 - 2013-04-27 18:24 - 000071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll 2017-08-05 23:13 - 2017-11-29 06:09 - 000781088 _____ () C:\Steam\SDL2.dll 2017-08-05 23:13 - 2016-09-01 02:02 - 004969248 _____ () C:\Steam\v8.dll 2017-08-05 23:13 - 2017-12-15 20:59 - 002558752 _____ () C:\Steam\video.dll 2017-08-05 23:13 - 2016-09-01 02:02 - 001563936 _____ () C:\Steam\icui18n.dll 2017-08-05 23:13 - 2016-09-01 02:02 - 001195296 _____ () C:\Steam\icuuc.dll 2017-12-15 00:10 - 2017-11-04 02:54 - 000695584 _____ () C:\Steam\libavformat-57.dll 2017-12-15 00:10 - 2017-11-04 02:54 - 005137696 _____ () C:\Steam\libavcodec-57.dll 2017-12-15 00:10 - 2017-11-04 02:54 - 000351520 _____ () C:\Steam\libavresample-3.dll 2017-12-15 00:10 - 2017-11-04 02:54 - 000847136 _____ () C:\Steam\libavutil-55.dll 2017-12-15 00:10 - 2017-11-04 02:54 - 000783648 _____ () C:\Steam\libswscale-4.dll 2017-08-05 23:13 - 2017-12-15 20:59 - 000904992 _____ () C:\Steam\bin\chromehtml.DLL 2017-08-05 23:12 - 2016-07-04 23:17 - 000266560 _____ () C:\Steam\openvr_api.dll 2017-08-05 23:17 - 2017-09-07 03:04 - 000678400 _____ () C:\Steam\bin\cef\cef.win7\SDL2.dll 2017-08-05 23:17 - 2017-10-31 05:44 - 071471904 _____ () C:\Steam\bin\cef\cef.win7\libcef.dll 2017-08-05 23:12 - 2015-09-25 00:52 - 000119208 _____ () C:\Steam\winh264.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 12:47 - 2017-08-13 01:06 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2227386290-2385267191-4023304224-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg DNS Servers: 109.196.112.130 - 109.196.112.131 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run32: => "Gaming mouse" HKLM\...\StartupApproved\Run32: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "Razer Synapse" HKU\S-1-5-21-2227386290-2385267191-4023304224-1001\...\StartupApproved\Run: => "DashlanePlugin" HKU\S-1-5-21-2227386290-2385267191-4023304224-1001\...\StartupApproved\Run: => "Dashlane" HKU\S-1-5-21-2227386290-2385267191-4023304224-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2227386290-2385267191-4023304224-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2227386290-2385267191-4023304224-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2227386290-2385267191-4023304224-1001\...\StartupApproved\Run: => "Application Restart #0" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{BA21110D-A87B-49D2-98B9-EA6E90FA94F2}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{5C17CDCE-4A9A-498D-BE7E-C95382B3F55A}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B0F5D314-4A88-4846-A490-68692238E886}] => (Allow) C:\Steam\Steam.exe FirewallRules: [{F4FE7DB9-10C9-4CDE-A4AD-A6E6540326ED}] => (Allow) C:\Steam\Steam.exe FirewallRules: [{E005C61A-AB3F-4EA9-B911-D071528A5C62}] => (Allow) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGCAndroidService.exe FirewallRules: [{44E125A5-46B6-44E0-A856-190942C7EB42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0C949336-EF85-492A-A96F-1ABF4C02227C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{DD80065B-C4CD-4C54-BFEB-81387B761B39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{33BD944C-A12E-48F9-9BB2-DC1B538DD042}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{F91539C2-8A1D-4F1A-B687-84BE6B5658F1}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{8D36E66C-79A0-4AF4-B3A9-CF7456A28E5C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{684E31F5-538F-477B-9C8B-ABF30E7B952B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{21DE9962-02A5-4BA7-B21E-3AB522918B86}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{22A6A719-AD88-4A34-8F49-87042E2D7C89}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{60716F94-336C-41AE-8D3A-D2B039AD4619}] => (Allow) C:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{E846FF44-E3EC-4D31-9AAB-B7899AC3B814}] => (Allow) C:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{77EEA7E5-9253-421C-948D-BEA3C7DF6063}] => (Allow) C:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{3EEF43B8-F818-4651-AD00-2343BB59A51F}] => (Allow) C:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{E8BD668E-DB34-4270-BF5C-A0D12241D0A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{1D1FC8E4-7E2C-436F-A125-E916FFEE4A80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{3A4A0CB5-C21D-4D11-9204-63DB010E9646}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3D75ABCD-90B4-478B-AFA2-E481883EE140}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{CB5CB3B5-749E-474C-8231-1FE623617699}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ZenSync_1.0.7.0_x86__qmba6cd70vzyy\AppService\AppService_NotificationHost.exe FirewallRules: [{850B20CA-2FF6-47D4-A52C-7DE74112FF03}] => (Allow) C:\Users\przem\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{80584869-B991-4947-8821-FC938C23F673}] => (Allow) C:\Users\przem\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9384CCB2-0C9B-4D52-B649-97E24322CEAB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [TCP Query User{A5195A24-DC42-4F8A-ADB8-932AC5BF3E2C}C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{0F7D4F8C-889E-49C0-A4C7-D23C89B8E0A1}C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [{176FACA4-498B-47F5-B9BF-9B126F92B569}] => (Allow) C:\Steam\steamapps\common\Hurtworld\Hurtworld.exe FirewallRules: [{9671492F-B08A-4E6E-8665-DE246DC407E1}] => (Allow) C:\Steam\steamapps\common\Hurtworld\Hurtworld.exe FirewallRules: [{66854AAE-4DBE-48BE-883C-CF59572A678C}] => (Allow) C:\Steam\steamapps\common\Hurtworld\HurtworldClient.exe FirewallRules: [{BECCDCDD-CDE3-4BCB-B338-CA4ED77F5DCC}] => (Allow) C:\Steam\steamapps\common\Hurtworld\HurtworldClient.exe FirewallRules: [{758C001F-7F6F-4E43-A7AC-A856ACB851D6}] => (Allow) C:\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{13C0810F-23F6-42A5-8E88-4B493B5C59B5}] => (Allow) C:\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [TCP Query User{76EDD87B-B26D-4A5D-BEC0-C6E0FC83051E}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{A78D30EF-83BA-4469-ACF1-D8E5AB46BF06}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{B07DD4AD-0AF0-43B9-BC25-1666C31FBA04}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{8AEAE0DE-09D5-4D7F-9344-A01F7F1D60CD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{4E8742E9-E525-480D-8342-18398C696B23}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{105C43F3-166A-4274-940B-FA7204777379}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{A221F19F-756D-4D9C-8CD9-DF47AC56636F}] => (Allow) C:\Steam\steamapps\common\Business Tour\BusinessTour.exe FirewallRules: [{CEE92EC0-7CF5-4C9C-8977-545188762C06}] => (Allow) C:\Steam\steamapps\common\Business Tour\BusinessTour.exe FirewallRules: [{5FDEE11E-94E2-40B0-8179-D42DB0C39766}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe FirewallRules: [{67134463-FAC5-468C-AE32-51D958445D95}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe FirewallRules: [{C62EA977-9180-48DB-95A3-03A14F6D65F0}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe FirewallRules: [{BFCE1E3C-17EC-4092-87D8-BB0751532479}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe FirewallRules: [{585E2A2E-2A7E-4308-8398-1BED9F1D5567}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{63D4D463-9CAB-4983-B22E-7DDD5C539A61}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{4AD3DC77-B1C5-4862-A369-2A430AEB5219}C:\gry\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\gry\pro evolution soccer 2016\pes2016.exe FirewallRules: [UDP Query User{9E2ABB4E-D771-4300-9182-7A9224FF97C9}C:\gry\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\gry\pro evolution soccer 2016\pes2016.exe FirewallRules: [{243B716D-569F-4767-9D08-EEA549F4DEFE}] => (Allow) C:\Program Files\Opera\50.0.2762.58\opera.exe FirewallRules: [{9FC5B82B-3AC5-44F3-B9CF-5C35039CCE93}] => (Allow) C:\Program Files\Opera\50.0.2762.67\opera.exe ==================== Restore Points ========================= 26-01-2018 14:11:03 Windows Update 29-01-2018 22:46:48 Windows Update 02-02-2018 18:58:45 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/03/2018 09:14:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AUDIODG.EXE, version: 10.0.15063.447, time stamp: 0xe365c782 Faulting module name: ICEsoundAPO64.dll, version: 1.0.0.28, time stamp: 0x58822fc8 Exception code: 0xc0000409 Fault offset: 0x000000000004354c Faulting process id: 0x1a44 Faulting application start time: 0x01d39d08b874f9a2 Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE Faulting module path: C:\WINDOWS\system32\ICEsoundAPO64.dll Report Id: a2e71789-9e18-4856-81c4-2a400a68a0fa Faulting package full name: Faulting package-relative application ID: Error: (02/03/2018 09:14:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AUDIODG.EXE, version: 10.0.15063.447, time stamp: 0xe365c782 Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x8274fd8b Exception code: 0xc0000005 Fault offset: 0x00000000000a8e3d Faulting process id: 0x1a44 Faulting application start time: 0x01d39d08b874f9a2 Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 4e4c712e-c9bf-47f6-b45c-e29cd5cdc5a3 Faulting package full name: Faulting package-relative application ID: Error: (02/03/2018 09:14:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AUDIODG.EXE, version: 10.0.15063.447, time stamp: 0xe365c782 Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x8274fd8b Exception code: 0xc0000005 Fault offset: 0x00000000000a8e3d Faulting process id: 0x1a44 Faulting application start time: 0x01d39d08b874f9a2 Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 0a86fb01-3621-4e79-b62a-663c11ea4572 Faulting package full name: Faulting package-relative application ID: Error: (02/03/2018 09:13:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AMKK4QO) Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/03/2018 12:13:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AMKK4QO) Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/03/2018 12:13:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-AMKK4QO) Description: App Microsoft.LockApp_10.0.15063.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen did not launch within its allotted time. Error: (02/03/2018 12:13:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AMKK4QO) Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/02/2018 08:32:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AMKK4QO) Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/02/2018 08:32:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AMKK4QO) Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/02/2018 08:32:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AMKK4QO) Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (02/04/2018 10:18:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/04/2018 12:26:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/03/2018 11:45:21 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY) Description: 0x8000002a171\??\Volume{1d826c1e-171f-498b-b642-121552dcbf6e}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{D77D35F8-1318-4CCD-8C8A-F83A0030B709} Error: (02/03/2018 11:12:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/03/2018 10:55:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/03/2018 09:43:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/03/2018 09:13:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/03/2018 06:03:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error: (02/03/2018 06:01:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. Error: (02/03/2018 05:59:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz Percentage of memory in use: 31% Total physical RAM: 12173.02 MB Available physical RAM: 8328.43 MB Total Virtual: 14029.02 MB Available Virtual: 9668.62 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:930.41 GB) (Free:715.78 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 00B583BB) Partition: GPT. ==================== End of Addition.txt ============================