﻿Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-01-2016
Ran by Roman (2016-01-19 21:48:24)
Running from C:\Users\Roman\Desktop
Windows 8.1 (X64) (2015-06-21 12:41:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2322173282-1921665351-3622067993-500 - Administrator - Disabled)
Guest (S-1-5-21-2322173282-1921665351-3622067993-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2322173282-1921665351-3622067993-1014 - Limited - Enabled)
Roman (S-1-5-21-2322173282-1921665351-3622067993-1002 - Administrator - Enabled) => C:\Users\Roman

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: 电脑管家系统防护 (Enabled - Out of date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Out of date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Out of date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 电脑管家系统防护 (Enabled - Out of date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Acronis Disk Director 12 (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3223 - Acronis)
Adobe Reader X (10.1.8) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Aktualizácie NVIDIA 2.8.1.21 (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.5 - ASUS)
ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.025 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0014 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5230.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5230.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
Atheros Outlook Addin 2010 (HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\BB108A893815B64BF41C4574C3324FB7371AA244) (Version: 1.0.0.0 - Microsoft)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.13.1.47453 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.13.3 - AVG Technologies) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data (HKLM-x32\...\Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data) (Version:  - )
Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data (HKLM-x32\...\Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data) (Version:  - )
Canon Easy-PhotoPrint Pro (HKLM-x32\...\Easy-PhotoPrint Pro) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version:  - Canon Inc.)
Canon MG6100 series User Registration (HKLM-x32\...\Canon MG6100 series User Registration) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-X64 11.5.9.1_WHQL (HKLM\...\Elantech) (Version: 11.5.9.1 - ELAN Microelectronic Corp.)
Find and Mount 2.32 (HKLM\...\Find and Mount_is1) (Version: 2.32 - A-FF Data Recovery)
FlatOut2 (HKLM-x32\...\{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HD Tune Pro 5.00 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
LenovoUsbDriver 1.0.12 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.0.12 - Lenovo)
Malwarebytes Anti-Malware verzia 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
MyFreeCodec (HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\MyFreeCodec) (Version:  - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafický ovládač 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ovládací panel NVIDIA 361.43 (Version: 361.43 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PitchPerfect Musical Instrument Tuner (HKLM-x32\...\PitchPerfect) (Version: 2.09 - NCH Software)
PlanetSide 2 (HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.229 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.17 - Qualcomm Atheros Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Registry Finder version 2.5.2 (HKLM\...\{CC3C7E59-8611-4542-8BFD-FFC6759AD0FB}_is1) (Version: 2.5.2 - Sergey Filippov)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14123.5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14123.5 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
TempoPerfect Metronome Software (HKLM-x32\...\TempoPerfect) (Version: 3.08 - NCH Software)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Viber (HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\{e577cb09-2068-44fb-8eed-cfcc1617b010}) (Version: 5.3.0.1884 - Viber Media Inc.)
Viber (x32 Version: 5.3.0.1884 - Viber Media Inc.) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
War Thunder Launcher 1.0.1.361 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.01 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2322173282-1921665351-3622067993-1002_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Roman\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {016809A3-95DF-4FD8-A91E-9BBCBC19C54A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {0B8E6D5C-5718-4D19-8A64-8F7412516456} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()
Task: {2C158B1F-4291-451F-A6CC-8B4B7A485A58} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {5239B96B-634E-4FA1-AF66-030CBA1A6FC7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {585C5257-85D7-4187-B74A-5905512C3575} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {611E3328-1151-4AD7-8913-5F3902F9797B} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {70952F78-383C-4DA7-A4CC-A8E4EA23EA8A} - System32\Tasks\Driver Booster SkipUAC (Roman) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {71C0E6DA-068C-4116-A74A-C7C4E6061835} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-06-03] (ASUS)
Task: {755A6397-BB4E-4C15-8D37-93933D57896F} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {7E3617DA-213C-4502-BBE9-6AC5D97198DC} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {886203CF-DBE8-40E9-9B79-EB00AA82C5A6} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2015-12-11] (AVG Technologies CZ, s.r.o.)
Task: {8EA14081-B7AD-4CC1-9F47-9C949E785797} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {8EEB98FD-2D41-4116-AE55-ECE807DA20D9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {91F35984-2637-4CC9-BC4F-D684F4B9EC62} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {94DC981C-746E-40C1-9D3C-B72F2C123FEC} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-01-05] (AO Kaspersky Lab)
Task: {B2578CFC-0A45-4A00-8A5F-5EF56173DD84} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-07-23] (ASUS)
Task: {B329527A-15E8-4673-BFBC-49F01ABED2E7} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {BECC5B2A-DEB0-45D7-A111-8C249A2D55CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {C0C82546-5C33-4135-AA8B-A4223A6369C4} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {D07C9C5A-3A4C-441A-852D-9ECD638A6F95} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {FB673A14-DE6C-4DCB-8494-BDC8462C3C9B} - System32\Tasks\Adobe online aktualizační program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {FEE5B1A5-42FB-4C9B-B2DC-D92C9171D499} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-07-31] (ASUSTeK Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-06-21 13:17 - 2015-12-16 15:53 - 00126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-19 07:10 - 2012-12-19 07:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2014-02-10 18:39 - 2010-04-05 11:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2015-12-21 21:04 - 2015-12-09 02:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2013-07-23 10:54 - 2013-07-23 10:54 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-06-13 13:44 - 2013-06-13 13:44 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-06-13 13:40 - 2013-06-13 13:40 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-06-13 13:47 - 2013-06-13 13:47 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-11-20 14:42 - 2013-03-14 10:46 - 00040960 _____ () C:\Windows\SysWOW64\UMonit64.exe
2014-12-12 23:24 - 2014-12-12 23:24 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2013-11-20 14:48 - 2013-05-15 15:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
2016-01-19 19:22 - 2016-01-19 19:22 - 00193152 _____ () C:\Program Files (x86)\t_201601191922\201601191922\tslog.exe
2013-12-18 13:19 - 2012-04-14 15:41 - 00217944 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Antivirus\bdfltlib.dll
2016-01-19 19:23 - 2016-01-19 19:23 - 00481632 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\sqlite.dll
2016-01-19 19:23 - 2016-01-19 19:23 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\zlib.dll
2016-01-19 19:23 - 2016-01-19 19:23 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\tinyxml.dll
2016-01-19 19:23 - 2016-01-19 19:23 - 00018784 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\oDayProtect.dll
2016-01-19 19:23 - 2016-01-19 19:23 - 00063840 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
2016-01-19 19:23 - 2016-01-19 19:23 - 00039776 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
2016-01-19 19:23 - 2016-01-19 19:23 - 00203104 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQFileFlt.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2013-04-29 15:17 - 2013-04-29 15:17 - 00587264 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-03-30 17:48 - 2015-12-09 02:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-02-10 18:28 - 2010-04-14 19:20 - 00053248 _____ () C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\LEJES.dll
2015-10-10 13:05 - 2015-04-07 14:34 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2013-11-20 14:36 - 2013-06-23 21:05 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-01-19 19:22 - 2016-01-19 19:22 - 00074880 _____ () C:\Users\Roman\AppData\Local\Temp\tinyxml2.dll
2016-01-15 02:01 - 2016-01-12 17:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-15 02:01 - 2016-01-12 17:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:1CE11B51

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\sony.com -> sony.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Photo Viewer.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "MTview"
HKLM\...\StartupApproved\Run32: => " QQPCTray"
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\StartupApproved\Run: => "Advanced SystemCare Ultimate"
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\StartupApproved\Run: => "Hide ALL IP"
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\StartupApproved\Run: => "lsas"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{16F389C7-71B2-44F8-B10C-6B1960EA6BA9}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{BE758B12-12BE-445A-80E7-53C82771A99E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{6229E313-42BD-43D1-A55E-DEB5E2C86EFB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{7A0DB794-2C47-4B6E-BD5E-B81C68D2BC46}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [TCP Query User{75DAC468-0D5D-4B2A-9D5F-A8F5957D33F9}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe
FirewallRules: [{BD6E1726-3892-45C5-85FC-8CC231FC2340}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{84B8D985-C393-4464-BB96-662FDB897887}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe
FirewallRules: [{7105C906-62D7-40FC-B8E7-7DB456F68D56}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A665235A-C013-463E-BC1E-A5EDFFA7FB4A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F7B37349-4FF2-4E59-B83F-B0CF5205FD00}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{346F55E7-74AA-4E0E-B8C1-78747A7DCA1F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B02A3549-734B-4F41-95C9-7C593DB1D634}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5EAD0EAB-2382-4748-871C-87B39FC53123}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E0480C18-A2D0-4B62-8CA6-ED9D7DD0490A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0ACEB0BA-D9AD-4106-AA9B-3E0531CDF72A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5B98F35B-EAAC-4807-82C9-EE4E392606B8}] => (Allow) C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F60507F4-D9ED-497D-9119-65328FB2A0F7}] => (Allow) C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5132574A-E55E-46DD-9E42-CF478E3CC0BC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}] => (Allow) LPort=1900
FirewallRules: [{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}] => (Allow) LPort=2869
FirewallRules: [{AF702977-4330-41DC-B7EB-971528C7BDD5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CA2C6384-D7EF-4E2B-9739-F951272E4B59}] => (Allow) C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{671B9E3B-8E73-48DD-8000-4677C0CC9B50}] => (Allow) C:\Users\Roman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5410B8EC-F8B6-4C5E-8B01-50D5C31FDCE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DD07DBE7-3157-466D-B7D3-9B710898A065}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{87120719-65AC-4534-8E52-562D8B564A96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{A91932E9-FE62-480F-9543-161965492AB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4F50BC1D-7298-4C31-8C5C-560C7954389C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{1EEBDD3A-E222-4A36-9265-074677AE0EEC}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{CD14C6C0-E7DF-406A-9D1A-4981F2F9DF7A}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{BF5E9383-C4EF-4456-B6E6-FBBAB48B2867}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A7B4303E-4D31-4718-9D34-A32865A72B62}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4AAB5CED-D676-4283-9BFC-ACBD8F31662E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C1AA79E9-6161-4C6E-AE29-5082B5942587}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{4A58CD56-1DF5-43A1-A9A7-312BCD65FDCB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{84E92A0D-FFAC-43E0-9E90-B1BDBFB1865E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{B128F5F0-9152-4471-8452-A33B17891765}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{12046C06-F19F-4E99-A1A2-78DA475F99D5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FB9E6F71-DC02-413E-A8B8-046F63B3D908}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{73F01AAF-EE93-46EE-9DF8-ADCA6A9DA148}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{690C66D7-81F1-4CF8-8E53-6B238938A7A8}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{F95CBD0E-B765-4C4B-A34A-0C8E28A75DFF}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{EB33DE86-C3DA-4298-969D-F95E5280F680}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{F263A331-4B77-43B7-B537-2356C6C1B096}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{D8C0D453-A041-4F13-992A-967695885661}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C0A1A132-EB2E-49B6-AE89-8F83848D67F8}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{93AA1D09-2CE0-419B-B96F-60A94530056D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCmgrInstallGuide.exe
FirewallRules: [{7BB01830-B4A9-42B2-8CFC-7D1077D1F1FA}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{63CDEDAD-76B2-461D-8BEF-34E65CFADB09}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCTray.exe
FirewallRules: [{67937B06-4A82-4BC8-B46E-F21E4C481A27}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCMgr.exe
FirewallRules: [{CC1D4230-799D-4C72-BA58-492E24AE9A71}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe
FirewallRules: [{D70AFE70-DC6C-4712-B71B-DAC3BD21EAFC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QMDL.exe
FirewallRules: [{4B3E5B16-3569-4615-A015-7A51C9F10DDC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\bugreport.exe
FirewallRules: [{5E3BC7C2-8C63-49AC-8A61-FFBB98330BEE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCFileOpen.exe
FirewallRules: [{9C0E61B2-BB56-489C-BE71-78CEA75D98DA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCLeakScan.exe
FirewallRules: [{44A1B640-0C8A-4987-B42E-B51ADD733EE7}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPConfig.exe
FirewallRules: [{463722E3-58F4-47A7-8723-906B53907561}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCSoftMgr.exe
FirewallRules: [{534CDDB7-CA7E-48A8-97CA-350D147DBDF3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{4F8441B0-2AA0-4BA6-AA18-8FA5D976A769}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCBTU.exe
FirewallRules: [{AD20C753-0014-48A0-B97D-6AF224845F8E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCClinic.exe
FirewallRules: [{33D0A956-18D9-477B-9021-E24387C820CE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCLaunch.exe
FirewallRules: [{AA3D9F99-E2AD-407D-80C5-E0E9A1EC720D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{96E8384B-F98F-40A4-9462-777D9447E500}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCSoftGame.exe
FirewallRules: [{EA9D0D6B-67AC-4C9B-84B0-AB0D1BBCBFB6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCSysOptimize.exe
FirewallRules: [{67013A63-4CBA-4000-84E2-CF4EFBE4CB5D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCUpdateAVLib.exe
FirewallRules: [{EB113113-CF2A-4C39-BB03-29483D69B8FD}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQRepair.exe
FirewallRules: [{6C7091B7-6C32-44BA-84A4-0B53E70EA144}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\Uninst.exe
FirewallRules: [{5D196B30-4E7B-4EEF-863D-17F8B16610E0}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCPatch.exe
FirewallRules: [{B4EEA754-01B8-47FD-882B-6E45B6B5F08B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TpkUpdate.exe
FirewallRules: [{ABE8DD2E-67B1-4A87-B459-256E1FB3DBAC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QMRouterMgr.exe
FirewallRules: [{4E1DD89A-E77B-4E79-AC95-291963F19175}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QMAccountProtection.exe
FirewallRules: [{CABC9D35-C4E6-454D-B89E-F81B4FC13F24}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QMAdBlock.exe

==================== Restore Points =========================

31-12-2015 17:43:11 TrueCrypt installation
11-01-2016 16:41:42 Before uninstalling World of Tanks
14-01-2016 20:50:48 Before uninstalling Opera Stable 34.0.2036.47
19-01-2016 20:29:51 Before uninstalling AppHelper

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2016 07:24:05 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/19/2016 07:24:05 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/19/2016 07:17:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/19/2016 07:17:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/19/2016 12:05:19 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418231

Error: (01/18/2016 02:24:55 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418231

Error: (01/17/2016 02:36:40 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418231

Error: (01/16/2016 12:14:26 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Neočakávaná alebo chýbajúca hodnota (názov: PackageCode, hodnota: GUID) v kľúči HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219

Error: (01/16/2016 10:16:51 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (01/16/2016 10:16:51 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (01/19/2016 08:43:55 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: RM)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-2322173282-1921665351-3622067993-1002-0-ntuser.dat

Error: (01/19/2016 08:43:48 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: RM)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-2322173282-1921665351-3622067993-1002-0-ntuser.dat

Error: (01/19/2016 08:40:02 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a29\??\C:\Users\Roman\ntuser.dat

Error: (01/19/2016 08:23:28 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: RM)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-2322173282-1921665351-3622067993-1002-0-ntuser.dat

Error: (01/19/2016 08:23:18 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: RM)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-2322173282-1921665351-3622067993-1002-0-ntuser.dat

Error: (01/19/2016 08:17:58 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a29\??\C:\Users\Roman\ntuser.dat

Error: (01/19/2016 08:16:19 PM) (Source: DCOM) (EventID: 10000) (User: RM)
Description: "C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe" -Embedding5{70DE12EA-79F4-46BC-9812-86DB50A2FD64}

Error: (01/19/2016 07:23:21 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba QQPCMgr RTP Service je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (01/19/2016 07:18:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Počas čakania na odpoveď transakcie od služby MBAMScheduler bol dosiahnutý časový limit (30000 ms).

Error: (01/19/2016 03:52:15 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: RM)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-2322173282-1921665351-3622067993-1002-0-ntuser.dat


CodeIntegrity:
===================================
  Date: 2015-11-20 13:05:30.279
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-16 06:23:17.601
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-26 15:19:55.596
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 47%
Total physical RAM: 6061.48 MB
Available physical RAM: 3157.79 MB
Total Virtual: 7085.48 MB
Available Virtual: 3752.87 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:279.01 GB) (Free:130.93 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:398.07 GB) (Free:76.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 5B98F280)

Partition: GPT.

==================== End of Addition.txt ============================