Virus removal, PC speed-up, remote assistance via the neslape.cz service

Please help

MartinKovac
Visitor
Posts: 7
Registered: 05 Nov 2017 20:36

#1 Post by MartinKovac »

Good day, for some time now I have noticed that my PC is overheating, and I found that it is apparently because of the file winnet32b. Please help, if that is possible.
info.txt logfile of random's system information tool 1.10 2017-11-05 20:44:25

======MBR======


======Uninstall list======

-->MsiExec /X{F9835182-794B-4F24-902A-E2CA9D43380F}
Adobe Reader X (10.1.16) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824184103}
Advanced SystemCare 9-->"C:\Program Files (x86)\IObit\Advanced SystemCare\unins000.exe"
Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{3727C0FE-4357-492C-85EE-E78BC31BF831}\setup.exe
ArcSoft Print Creations - Album Page-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{85F1B81D-72C5-4357-81F9-B0A1D71DF59B}\setup.exe" -l0x9 -1AlbumPage
ArcSoft Print Creations - Photo Book-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{85F1B81D-72C5-4357-81F9-B0A1D71DF59B}\setup.exe" -l0x9 -1PhotoBook
ArcSoft Print Creations-->RunDll32 C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{85F1B81D-72C5-4357-81F9-B0A1D71DF59B}\setup.exe" -l0x9
ASUS LifeFrame3-->MsiExec.exe /X{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
ASUS Power4Gear Hybrid-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
ASUS Smart Gesture-->MsiExec.exe /I{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /X{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Tutor-->MsiExec.exe /I{58172D66-2F69-4215-9AEC-ED8196023736}
ASUS USB Charger Plus-->MsiExec.exe /X{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
ASUS WebStorage Sync Agent-->C:\Program Files (x86)\ASUS\WebStorage Sync Agent\uninst.exe
AsusVibe2.0-->C:\Program Files (x86)\Asus\AsusVibe\unins000.exe
ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
Avi to Mpeg 2.1-->"C:\Program Files (x86)\Avi to Mpeg\unins000.exe"
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Definition Update for Microsoft Office 2010 (KB3115129) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{6E55AED9-97BB-483A-A64F-7BE02296ABCB}" "1051" "0"
Driver Booster 3.4-->"C:\Program Files (x86)\IObit\Driver Booster\unins000.exe"
ESET Smart Security-->MsiExec.exe /I{F0235BC5-889C-442D-B831-7F894E5C9AD1}
Fotogaléria-->MsiExec.exe /X{5B87607E-E781-49C5-9891-80990E45BCA1}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\setup.exe" --uninstall --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
IObit Uninstaller-->"C:\Program Files (x86)\IObit\IObit Uninstaller\unins000.exe"
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
Java 7 Update 60-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F03217060FF}
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64)-->MsiExec.exe /I{E9F0BCD8-6BD5-1ED7-EDA3-9FCF2A478AA1}
Microsoft Office Access MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0015-041B-1000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0016-041B-1000-0000000FF1CE}
Microsoft Office Groove MUI (Slovak) 2010-->MsiExec.exe /X{90140000-00BA-041B-1000-0000000FF1CE}
Microsoft Office InfoPath MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0044-041B-1000-0000000FF1CE}
Microsoft Office Office 32-bit Components 2010-->MsiExec.exe /X{90140000-0043-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Slovak) 2010-->MsiExec.exe /X{90140000-00A1-041B-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2010-->MsiExec.exe /X{90140000-001A-041B-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0018-041B-1000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-1000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-1000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2010-->MsiExec.exe /X{90140000-001F-040E-1000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-1000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2010-->MsiExec.exe /X{90140000-002C-041B-1000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0019-041B-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0043-041B-1000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2010-->MsiExec.exe /X{90140000-006E-041B-1000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2010-->MsiExec.exe /X{90140000-001B-041B-1000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501-->"C:\ProgramData\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501-->"C:\ProgramData\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005-->MsiExec.exe /X{929FBD26-9020-399B-9A7A-751D61F0B942}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005-->MsiExec.exe /X{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)\install.exe
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->MsiExec.exe /X{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}
Movie Maker-->MsiExec.exe /X{0CD05078-D4F3-4006-8726-B01E10A89B28}
Movie Maker-->MsiExec.exe /X{DD67BE4B-7E62-4215-AFA3-F123A800A389}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}
MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
MyPC Backup -->C:\Program Files (x86)\MyPC Backup\uninst.exe
Nokia Connectivity Cable Driver-->RUNDLL32.EXE ccdcmbwux64.dll,WuUninstall
NVIDIA PhysX-->MsiExec.exe /X{F9835182-794B-4F24-902A-E2CA9D43380F}
PDF to Doc Converter 6.0-->C:\Program Files (x86)\PDF to Doc Converter\Uninstall.exe
Photo Common-->MsiExec.exe /X{D18F29F4-3609-4FBD-8A76-57B6AC3404F3}
Photo Gallery-->MsiExec.exe /X{07AAB66E-4718-422D-9218-4AFB3C922A71}
PSPad editor-->"C:\Program Files (x86)\PSPad editor\Uninst\unins000.exe"
Qualcomm Atheros Bluetooth Suite (64)-->MsiExec.exe /X{A84A4FB1-D703-48DB-89E0-68B6499D2801}
Security Update for Microsoft Access 2010 (KB3101544) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{A37C2019-B3DB-43EF-9CF6-BE1DEE72E783}" "1051" "0"
Security Update for Microsoft Access 2010 (KB3101544) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A37C2019-B3DB-43EF-9CF6-BE1DEE72E783}" "1051" "0"
Security Update for Microsoft Excel 2010 (KB3114888) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{CA4F4238-2DB3-4F86-9F5E-54A22045E7E4}" "1051" "0"
Security Update for Microsoft Excel 2010 (KB3114888) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{CA4F4238-2DB3-4F86-9F5E-54A22045E7E4}" "1051" "0"
Security Update for Microsoft InfoPath 2010 (KB3114414) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{B78E5386-2F91-4CB4-A8CF-F5582CF3C920}" "1051" "0"
Security Update for Microsoft InfoPath 2010 (KB3114414) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{B78E5386-2F91-4CB4-A8CF-F5582CF3C920}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{A97FC79A-3344-410B-8E6B-95931B630C42}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A97FC79A-3344-410B-8E6B-95931B630C42}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2760781) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{95FC4D5E-0C1A-435A-9759-E8656BCB358B}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{DEE523DB-C590-45D3-B658-73F93062D7B3}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{C7B639A9-54A9-4B30-87AA-45BD4F06E1A6}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{D458143D-EEDA-486F-8985-F16BF87AA315}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{58C697C0-E8B1-4AF2-9352-292877352216}" "1051" "0"
Security Update for Microsoft Office 2010 (KB2956076) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-041B-1000-0000000FF1CE}" "{3BA6C2D8-F58F-462C-AE86-49E57CB5B607}" "1051" "0"
Security Update for Microsoft Office 2010 (KB3054984) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{59BBE5CD-9F24-4EA0-A94A-00D554D7F0CF}" "1051" "0"
Security Update for Microsoft Office 2010 (KB3085528) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{BA91EE36-FCBC-4E9B-AF0E-7A7EEA4C451C}" "1051" "0"
Security Update for Microsoft Office 2010 (KB3085560) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-041B-1000-0000000FF1CE}" "{B830A85C-61D7-423E-8F80-1C286D3B6AA3}" "1051" "0"
Security Update for Microsoft Office 2010 (KB3101520) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{EC0BE699-EDCB-45BC-9946-F15D1A259B32}" "1051" "0"
Security Update for Microsoft PowerPoint 2010 (KB2920812) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-041B-1000-0000000FF1CE}" "{DE25C937-80C0-4BC8-BEF6-26D9F981BC57}" "1051" "0"
Security Update for Microsoft Publisher 2010 (KB2817478) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{668714F6-AC7B-4DA0-B1C7-0EBFB7EBC16C}" "1051" "0"
Security Update for Microsoft Publisher 2010 (KB2817478) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{668714F6-AC7B-4DA0-B1C7-0EBFB7EBC16C}" "1051" "0"
Security Update for Microsoft Visio 2010 (KB3114402) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{5B88FFB4-F3EB-4B39-95C6-E25C75897EB8}" "1051" "0"
Security Update for Microsoft Visio 2010 (KB3114402) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{5B88FFB4-F3EB-4B39-95C6-E25C75897EB8}" "1051" "0"
Security Update for Microsoft Word 2010 (KB2965313) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-041B-1000-0000000FF1CE}" "{76D6BDFA-2308-4B92-A711-AF7A40BE044E}" "1051" "0"
Security Update for Microsoft Word 2010 (KB2965313) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-041B-1000-0000000FF1CE}" "{76D6BDFA-2308-4B92-A711-AF7A40BE044E}" "1051" "0"
Security Update for Microsoft Word 2010 (KB3115123) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{34B93432-8B14-4863-9D84-0A456067C3F7}" "1051" "0"
Security Update for Microsoft Word 2010 (KB3115123) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{34B93432-8B14-4863-9D84-0A456067C3F7}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{A3364707-2F53-4C83-8F68-C9877A9080C7}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-041B-1000-0000000FF1CE}" "{0E309301-DBF3-4469-9A89-914AFEF80A69}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-041B-1000-0000000FF1CE}" "{0E309301-DBF3-4469-9A89-914AFEF80A69}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-041B-1000-0000000FF1CE}" "{0E309301-DBF3-4469-9A89-914AFEF80A69}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-041B-1000-0000000FF1CE}" "{0E309301-DBF3-4469-9A89-914AFEF80A69}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-041B-1000-0000000FF1CE}" "{0E309301-DBF3-4469-9A89-914AFEF80A69}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-041B-1000-0000000FF1CE}" "{0E309301-DBF3-4469-9A89-914AFEF80A69}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{235F521F-C627-4957-A641-C4C161F78531}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{EE3A99C9-FD8F-4923-9F82-27365DA4B873}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040E-1000-0000000FF1CE}" "{8BAB29CB-1981-4361-B95D-094B49696E38}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-1000-0000000FF1CE}" "{2E7C03CB-FE0A-4B95-BA37-742CD596760C}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-041B-1000-0000000FF1CE}" "{3BB91E92-6A83-40BC-96AA-19EBAF45EAFD}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{F3FAAB68-7697-4B1F-A23A-72312565AEAB}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-041B-1000-0000000FF1CE}" "{AB13A482-50B6-48B4-A741-C49AAB6001FE}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-041B-1000-0000000FF1CE}" "{0E309301-DBF3-4469-9A89-914AFEF80A69}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-041B-1000-0000000FF1CE}" "{CDA7DE03-9607-444C-9CEB-EF677753373A}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-041B-1000-0000000FF1CE}" "{0E309301-DBF3-4469-9A89-914AFEF80A69}" "1051" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-041B-1000-0000000FF1CE}" "{0E309301-DBF3-4469-9A89-914AFEF80A69}" "1051" "0"
Shared C Run-time for x64-->MsiExec.exe /I{EF79C448-6946-4D71-8134-03407888C054}
Skype Click to Call-->MsiExec.exe /I{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}
Smart Defrag 2-->"C:\Program Files (x86)\IObit\Smart Defrag 2\unins000.exe"
Smart Defrag 3-->"C:\Program Files (x86)\IObit\Smart Defrag 3\unins000.exe"
The Battle for Middle-earth II-->C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth II\EAUninstall.exe
Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-041B-1000-0000000FF1CE}" "{E2F8A357-D803-4CD2-B3B9-884E3FC8E237}" "1051" "0"
Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-041B-1000-0000000FF1CE}" "{E2F8A357-D803-4CD2-B3B9-884E3FC8E237}" "1051" "0"
Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-041B-1000-0000000FF1CE}" "{E2F8A357-D803-4CD2-B3B9-884E3FC8E237}" "1051" "0"
Update for Microsoft Filter Pack 2.0 (KB2999508) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{1664BDC2-23E1-43CD-B852-DBE6D4206959}" "1051" "0"
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}" "1051" "0"
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}" "1051" "0"
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-041B-1000-0000000FF1CE}" "{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040E-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1051" "0"
Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{08E1BF53-B96E-4ADF-935F-A90F867E8F6B}" "1051" "0"
Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{08E1BF53-B96E-4ADF-935F-A90F867E8F6B}" "1051" "0"
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{79C725A1-3964-421C-A528-78C1C083C7C7}" "1051" "0"
Update for Microsoft Office 2010 (KB2589318) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{9466D7C3-A2C9-457A-8135-03F20F3268B4}" "1051" "0"
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}" "1051" "0"
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}" "1051" "0"
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{EBD18DE5-BC84-4B57-9A30-097044871F9A}" "1051" "0"
Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{B340E9EB-DDA6-40E7-8501-5B7BAEC6D25F}" "1051" "0"
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{4AD36582-256B-433D-8593-F31773A15CA4}" "1051" "0"
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{4AD36582-256B-433D-8593-F31773A15CA4}" "1051" "0"
Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{9505441B-65A1-4AD5-B727-0CE42D24D2B7}" "1051" "0"
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{B6AD7E27-012A-4B63-82BA-AF62893E5435}" "1051" "0"
Update for Microsoft Office 2010 (KB2791057) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{1723E390-6B61-4914-A64D-F16398FA940E}" "1051" "0"
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{07DC9C6C-E916-4F42-8677-716930ED0393}" "1051" "0"
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}" "1051" "0"
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}" "1051" "0"
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-041B-1000-0000000FF1CE}" "{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}" "1051" "0"
Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{956B3213-0246-42A8-A6FE-3EF7DC6E66A9}" "1051" "0"
Update for Microsoft Office 2010 (KB2889828) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{F51F47E8-881F-4BCC-BE51-1F708EE69531}" "1051" "0"
Update for Microsoft Office 2010 (KB3054873) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{75A4ACD6-A407-41B3-8889-8AB7862A9D9D}" "1051" "0"
Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{4F55B2F9-E491-4630-A994-2F37D1AB3A77}" "1051" "0"
Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{4F55B2F9-E491-4630-A994-2F37D1AB3A77}" "1051" "0"
Update for Microsoft Office 2010 (KB3055042) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{BABE5F32-A2B5-498E-BCB5-1325170A8F56}" "1051" "0"
Update for Microsoft Office 2010 (KB3055047) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{4BC0A78F-012B-47BF-80E8-963D44286558}" "1051" "0"
Update for Microsoft Office 2010 (KB3114555) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{9557A4CC-8FE7-457E-A62E-0D8A7D81FA0A}" "1051" "0"
Update for Microsoft Office 2010 (KB3114750) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{09A5CC27-81F0-4E15-9F40-CE4235E067B9}" "1051" "0"
Update for Microsoft Office 2010 (KB3114750) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{09A5CC27-81F0-4E15-9F40-CE4235E067B9}" "1051" "0"
Update for Microsoft Office 2010 (KB3114989) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{D4CF6A17-7575-440C-944B-CA564A285AA2}" "1051" "0"
Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-041B-1000-0000000FF1CE}" "{107E5BEB-1DFC-4CD7-9B3D-79E3B09C75EF}" "1051" "0"
Update for Microsoft OneNote 2010 (KB3114410) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{A8D9AFCD-047E-4E89-A351-19839C864752}" "1051" "0"
Update for Microsoft OneNote 2010 (KB3114410) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{A8D9AFCD-047E-4E89-A351-19839C864752}" "1051" "0"
Update for Microsoft Outlook 2010 (KB2760779) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{60B4149F-719E-45A6-9B57-60367065CFB3}" "1051" "0"
Update for Microsoft Outlook 2010 (KB3114756) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-041B-1000-0000000FF1CE}" "{07E544D0-E93E-4315-AB36-76E8E64E5A99}" "1051" "0"
Update for Microsoft Outlook 2010 (KB3115127) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{98355CCD-C7CA-4CDC-B9B7-7E3D21B5BC37}" "1051" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{9E5104CF-2AE5-4D90-8D5A-9BE468964D8B}" "1051" "0"
Update for Microsoft PowerPoint 2010 (KB3114867) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{78D9400A-6B99-4437-A7D5-707B52CF23DA}" "1051" "0"
Update for Microsoft PowerPoint 2010 (KB3114867) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{78D9400A-6B99-4437-A7D5-707B52CF23DA}" "1051" "0"
Update for Microsoft Project 2010 (KB3115001) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{B1AFD7D4-E0D6-4CF0-BCCA-464C146FC360}" "1051" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}" "1051" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}" "1051" "0"
Update for Microsoft Visio Viewer 2010 (KB2881021) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{899F1A18-D860-4C63-B3C8-095B8E537D3D}" "1051" "0"
VLC media player 2.0.4-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170)-->C:\PROGRA~1\DIFX\0AA3FA~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\asustp.inf_amd64_536dba63d5fddbba\asustp.inf
Windows Live Communications Platform-->MsiExec.exe /I{41C61308-6CFD-4D54-AB6A-7136ED08A18E}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{47AC83D4-C2CE-4F1F-8494-FB08066B38E3}
Windows Live Installer-->MsiExec.exe /I{659CB81C-B54E-4DF1-B618-F35777393A54}
Windows Live Photo Common-->MsiExec.exe /X{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}
Windows Live PIMT Platform-->MsiExec.exe /I{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}
Windows Live SOXE Definitions-->MsiExec.exe /I{D1893000-EA77-493C-8DDD-E262436E959B}
Windows Live SOXE-->MsiExec.exe /I{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{2F3E0052-438D-4D42-873C-94223F25FF7A}
Windows Live UX Platform-->MsiExec.exe /I{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}
WinRAR 4.20 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: matokovac
Event Code: 1014
Message: Name resolution for the name clients4.google.com timed out after none of the configured DNS servers responded.
Record Number: 181465
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20170109223418.342503-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: matokovac
Event Code: 1014
Message: Name resolution for the name yt3.ggpht.com timed out after none of the configured DNS servers responded.
Record Number: 181442
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20170109215718.124295-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: matokovac
Event Code: 1014
Message: Name resolution for the name win8.ipv6.microsoft.com. timed out after none of the configured DNS servers responded.
Record Number: 181335
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20170109213854.553466-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: matokovac
Event Code: 1014
Message: Name resolution for the name accounts.google.com timed out after none of the configured DNS servers responded.
Record Number: 181330
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20170109213552.157241-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: matokovac
Event Code: 1014
Message: Name resolution for the name platform.wondershare.com timed out after none of the configured DNS servers responded.
Record Number: 180833
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20170109182618.564453-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

=====Application event log=====

Computer Name: matokovac
Event Code: 5973
Message: Aktivácia aplikácie Microsoft.BingWeather_8wekyb3d8bbwe!App zlyhala pre chybu: Vstavaný správca nemôže aktivovať túto aplikáciu. Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.
Record Number: 115413
Source Name: Microsoft-Windows-Immersive-Shell
Time Written: 20160702222808.985417-000
Event Type: Error
User: MATOKOVAC\Administrator

Computer Name: matokovac
Event Code: 1000
Message: Názov chybujúcej aplikácie: Stronghold Crusader.exe, verzia: 1.0.0.1, časová značka: 0x48288a6b
Názov chybujúceho modulu: Wpc.dll_unloaded, verzia: 6.3.9600.17415, časová značka: 0x54503e7c
Kód výnimky: 0xc0000005
Odstup chyby: 0x000775a0
Identifikácia chybujúceho procesu: 0xe48
Čas spustenia chybujúcej aplikácie: 0x01d1cd953302d2e6
Cesta chybujúcej aplikácie: C:\Users\ADMINI~1\AppData\Local\Temp\Rar$EXa0.793\Stronghold Crusader\Stronghold Crusader.exe
Cesta chybujúceho modulu: Wpc.dll
Identifikácia hlásenia: 746be038-3988-11e6-bfd0-94dbc9b6447c
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Record Number: 114563
Source Name: Application Error
Time Written: 20160623212132.000000-000
Event Type: Error
User:

Computer Name: matokovac
Event Code: 5973
Message: Aktivácia aplikácie FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager zlyhala pre chybu: Vstavaný správca nemôže aktivovať túto aplikáciu. Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.
Record Number: 114480
Source Name: Microsoft-Windows-Immersive-Shell
Time Written: 20160622140329.738958-000
Event Type: Error
User: MATOKOVAC\Administrator

Computer Name: matokovac
Event Code: 5973
Message: Aktivácia aplikácie FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager zlyhala pre chybu: Vstavaný správca nemôže aktivovať túto aplikáciu. Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.
Record Number: 114479
Source Name: Microsoft-Windows-Immersive-Shell
Time Written: 20160622140326.401237-000
Event Type: Error
User: MATOKOVAC\Administrator

Computer Name: matokovac
Event Code: 5973
Message: Aktivácia aplikácie FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager zlyhala pre chybu: Vstavaný správca nemôže aktivovať túto aplikáciu. Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.
Record Number: 114478
Source Name: Microsoft-Windows-Immersive-Shell
Time Written: 20160622140323.171088-000
Event Type: Error
User: MATOKOVAC\Administrator

=====Security event log=====

Computer Name: matokovac
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 166244
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160309184416.380658-000
Event Type: Audit Success
User:

Computer Name: matokovac
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: MATOKOVAC$
Account Domain: WORKGROUP
Logon ID: 0x3E7

Logon Type: 5

Impersonation Level: Impersonation

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x264
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The impersonation level field indicates the extent to which a process in the logon session can impersonate.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 166243
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160309184416.380658-000
Event Type: Audit Success
User:

Computer Name: matokovac
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 166242
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160309174449.273552-000
Event Type: Audit Success
User:

Computer Name: matokovac
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: MATOKOVAC$
Account Domain: WORKGROUP
Logon ID: 0x3E7

Logon Type: 5

Impersonation Level: Impersonation

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x264
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The impersonation level field indicates the extent to which a process in the logon session can impersonate.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 166241
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160309174449.273552-000
Event Type: Audit Success
User:

Computer Name: matokovac
Event Code: 4797
Message: An attempt was made to query the existence of a blank password for an account.

Subject:
Security ID: S-1-5-19
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3E5

Additional Information:
Caller Workstation: MATOKOVAC
Target Account Name: Administrator
Target Account Domain: MATOKOVAC
Record Number: 166240
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160309140056.437621-000
Event Type: Audit Success
User:

======Environment variables======

"FP_NO_HOST_CHECK"=NO
"USERNAME"=SYSTEM
"ComSpec"=%SystemRoot%\system32\cmd.exe
"TMP"=%SystemRoot%\TEMP
"OS"=Windows_NT
"windir"=%SystemRoot%
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared
"configsetroot"=%SystemRoot%\ConfigSetRoot

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help

#2 Post by Rudy »

Hello!
The contents of the info.txt file are of no use for solving your problem. Please post an FRST log: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

MartinKovac
Visitor
Posts: 7
Joined: 05 Nov 2017 20:36

Re: Please help

#3 Post by MartinKovac »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by Administrator (administrator) on MATOKOVAC (05-11-2017 22:31:44)
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Martin & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
() C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
() C:\Users\Administrator\AppData\Roaming\Microsoft\Networking\winnet32b.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe********************************************* [90832 2012-06-07] ()
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [6330568 2013-03-21] (ESET)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2007392 2014-04-01] (Wondershare)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-135797651-574853151-142966405-500\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2022688 2016-04-26] (IObit)
HKU\S-1-5-21-135797651-574853151-142966405-500\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-04-24] (Disc Soft Ltd)
HKU\S-1-5-21-135797651-574853151-142966405-500\...\RunOnce: [daRcECyvBV] => C:\daRcECyvBVdaRcECyvBV\daRcECyvBV.vbs [140 2017-02-16] ()
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {54499fa1-06ab-11e5-bf99-94dbc9b6447c} - "F:\setup.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {76177690-da4e-11e6-bfef-94dbc9b6447c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {835f2f19-4d4e-11e7-bfff-94dbc9b6447c} - "F:\Autorun.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {ba31d897-a79a-11e6-bfec-94dbc9b6447c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {d917ab0f-da65-11e6-bfef-94dbc9b6447c} - "F:\HiSuiteDownLoader.exe"
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-07-09] ()
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-07-09] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Steam Update.bat [2017-07-21] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{849E99CB-1CA5-45A4-8143-455066A57D8D}: [DhcpNameServer] 192.168.20.138
Tcpip\..\Interfaces\{FC62A3F7-CFB2-4D1F-B296-25073FF5753E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^UX^xdm007^YY^sk&ptb=71FDE265-44D6-49DD-B1B8-79EDC1EE6478&si=COe2j4bck7cCFQbHtAod_wIApA
HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
URLSearchHook: HKU\S-1-5-21-135797651-574853151-142966405-500 - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No File
SearchScopes: HKLM-x32 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^UX^xdm007^YY^sk&si=COe2j4bck7cCFQbHtAod_wIApA&ptb=71FDE265-44D6-49DD-B1B8-79EDC1EE6478&ind=2013051314&n=77fcb9b2&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^UX^xdm007^YY^sk&si=COe2j4bck7cCFQbHtAod_wIApA&ptb=71FDE265-44D6-49DD-B1B8-79EDC1EE6478&ind=2013051314&n=77fcb9b2&psa=&st=sb&searchfor={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: No Name -> {71c1d63a-c944-428a-a5bd-ba513190e5d2} -> No File
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-03] (Oracle Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11] (Adblock)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-135797651-574853151-142966405-500 -> No Name - {364EA597-E728-4CE4-BB4A-ED846EF47970} - No File

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-06-28] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [39ffxtbr@MapsGalaxy_39.com] - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin
FF Extension: (No Name) - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin [2014-01-25] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-04-23] (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://asus13.msn.com/
CHR StartupUrls: Default -> "hxxp://www.google.sk/"
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2017-11-05]
CHR Extension: (Prezentácie) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-23]
CHR Extension: (Dokumenty) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-23]
CHR Extension: (Disk Google) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-02]
CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabuľky) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-23]
CHR Extension: (Ads Removal) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2013-12-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-04]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-21]
CHR HKU\S-1-5-21-135797651-574853151-142966405-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Administrator\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Administrator\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Martin\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
S3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [File not signed]
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-18] (Just Develop It) [File not signed] <==== ATTENTION
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-04-24] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1341664 2013-03-21] (ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27768 2015-09-13] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-08-22] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [4267008 2015-09-13] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [70928 2015-09-13] (ASUS Corporation)
R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 cpuz138; C:\Users\Administrator\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2017-11-05] (CPUID) <==== ATTENTION
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-06-09] (Disc Soft Ltd)
U3 dtlitescsidrv; C:\Windows\System32\Drivers\dtlitescsidrv.sys [316072 2017-06-09] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-06-09] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [58416 2013-02-14] (ESET)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-24] (REALiX(tm))
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2015-09-13] (Intel Corporation)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [394296 2017-06-09] (Duplex Secure Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-08-22] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-08-22] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-05 22:31 - 2017-11-05 22:32 - 000045449 _____ C:\Users\Administrator\Desktop\FRST.txt
2017-11-05 22:30 - 2017-11-05 22:30 - 000112640 _____ (forum.viry.cz) C:\Users\Administrator\Downloads\FRSTLauncher.exe
2017-11-05 22:30 - 2017-11-05 22:30 - 000029696 _____ C:\Users\Administrator\AppData\Local\MSGBOX.EXE
2017-11-05 22:30 - 2017-11-05 22:30 - 000015327 _____ C:\Users\Administrator\Desktop\LM.bat
2017-11-05 22:25 - 2017-11-05 22:31 - 000000000 ____D C:\FRST
2017-11-05 22:21 - 2017-11-05 22:23 - 002403328 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2017-11-05 21:15 - 2017-11-05 21:15 - 000053017 _____ C:\Users\Administrator\Desktop\info winnet32b.txt
2017-11-05 20:43 - 2017-11-05 20:44 - 000000000 ____D C:\rsit
2017-11-05 20:43 - 2017-11-05 20:44 - 000000000 ____D C:\Program Files\trend micro
2017-11-05 20:42 - 2017-11-05 20:43 - 001222144 _____ C:\Users\Administrator\Downloads\RSITx64.exe
2017-11-05 20:19 - 2017-11-05 20:20 - 000000314 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job
2017-11-05 20:19 - 2017-11-05 20:19 - 000002430 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Administrator
2017-11-05 18:51 - 2017-11-05 18:51 - 000002892 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Administrator)
2017-10-24 18:31 - 2017-10-24 18:31 - 007923662 _____ C:\Users\Administrator\Downloads\fwdcheatingexam.zip
2017-10-24 18:23 - 2017-10-24 18:26 - 023503474 _____ C:\Users\Administrator\Downloads\fwdeducation.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-05 21:57 - 2016-05-10 21:52 - 000000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf4012839a34.job
2017-11-05 21:56 - 2015-07-15 21:51 - 000000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d090863edbc59d.job
2017-11-05 21:51 - 2015-02-05 15:46 - 000000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4b3aa5c703a2.job
2017-11-05 20:08 - 2014-11-10 22:33 - 000004006 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{98A1F2CA-442E-445B-B163-F72C132F164D}
2017-11-05 20:08 - 2013-07-21 16:54 - 000000000 ____D C:\ProgramData\IObit
2017-11-05 12:49 - 2013-03-28 10:56 - 000000380 _____ C:\Users\Administrator\AppData\Roaming\sp_data.sys
2017-11-05 12:48 - 2016-07-05 13:02 - 000000324 _____ C:\WINDOWS\Tasks\ASC9_PerformanceMonitor.job
2017-11-03 16:34 - 2013-05-08 13:14 - 000000000 ____D C:\Users\Administrator\Desktop\Martinko
2017-11-03 16:30 - 2014-09-24 06:35 - 000863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-03 16:30 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2017-11-03 16:25 - 2015-07-24 20:25 - 000000000 ____D C:\ProgramData\ProductData
2017-10-23 12:43 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-12 17:51 - 2012-07-26 08:59 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories =======

2013-04-19 19:39 - 2013-04-19 19:39 - 000099384 _____ () C:\Users\Administrator\AppData\Roaming\inst.exe
2014-09-17 12:48 - 2014-09-17 12:48 - 000000021 _____ () C:\Users\Administrator\AppData\Roaming\my_intel.sys
2013-04-19 19:39 - 2013-04-19 19:39 - 000007859 _____ () C:\Users\Administrator\AppData\Roaming\pcouffin.cat
2013-04-19 19:39 - 2013-04-19 19:39 - 000001167 _____ () C:\Users\Administrator\AppData\Roaming\pcouffin.inf
2013-04-19 19:39 - 2013-04-19 19:39 - 000000055 _____ () C:\Users\Administrator\AppData\Roaming\pcouffin.log
2013-04-19 19:39 - 2013-04-19 19:39 - 000082816 _____ (VSO Software) C:\Users\Administrator\AppData\Roaming\pcouffin.sys
2013-03-28 10:56 - 2017-11-05 12:49 - 000000380 _____ () C:\Users\Administrator\AppData\Roaming\sp_data.sys
2013-04-19 19:33 - 2013-04-19 19:38 - 000001057 _____ () C:\Users\Administrator\AppData\Roaming\vso_ts_preview.xml
2017-11-05 22:30 - 2017-11-05 22:30 - 000029696 _____ () C:\Users\Administrator\AppData\Local\MSGBOX.EXE
2015-07-16 20:08 - 2017-09-04 19:11 - 000007605 _____ () C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
2017-01-14 12:12 - 2017-01-14 12:12 - 000000000 _____ () C:\Users\Administrator\AppData\Local\{1777075C-E912-41B5-AA4D-924AB9A8FED4}
2016-03-09 22:11 - 2016-03-09 22:11 - 000000000 _____ () C:\Users\Administrator\AppData\Local\{2C9D7FB3-F15F-4AF8-A47B-9B3786818807}
2017-05-03 17:00 - 2017-05-03 17:00 - 000000000 _____ () C:\Users\Administrator\AppData\Local\{2FEB300E-DD89-4995-8D96-90A89EBCBB60}
2016-03-09 22:11 - 2016-03-09 22:11 - 000000000 _____ () C:\Users\Administrator\AppData\Local\{CFB8B941-D316-4AF8-B718-BBD28115A0A3}
2013-05-02 00:12 - 2013-05-04 09:51 - 000000000 _____ () C:\ProgramData\as98213.txt
2013-05-02 00:11 - 2013-05-04 09:54 - 095023320 ____T () C:\ProgramData\lvociw.pad
2013-05-02 00:12 - 2013-05-02 00:12 - 000000152 _____ () C:\ProgramData\lvociw.reg
2013-05-02 00:11 - 2013-05-02 00:11 - 000048640 _____ (Microsoft Corporation) C:\ProgramData\rundll32.exe
2012-08-04 18:37 - 2012-07-30 07:03 - 000000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 18:37 - 2009-07-22 11:04 - 000024576 _____ () C:\ProgramData\SetStretch.exe
2014-06-17 16:22 - 2014-06-17 16:25 - 000000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-06-17 16:21 - 2014-06-17 16:22 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Files to move or delete:
====================
C:\ProgramData\lvociw.pad
C:\ProgramData\lvociw.reg
C:\ProgramData\rundll32.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-02 19:22

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by Administrator (05-11-2017 22:34:55)
Running from C:\Users\Administrator\Desktop
Windows 8.1 (Update) (X64) (2014-11-04 20:36:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-135797651-574853151-142966405-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-135797651-574853151-142966405-501 - Limited - Disabled)
Martin (S-1-5-21-135797651-574853151-142966405-1001 - Administrator - Enabled) => C:\Users\Martin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.3.0 - IObit)
Age of Empires III - The WarChiefs Trial (HKLM-x32\...\{ABFE9B50-BA4B-4FDF-A943-EA025119DBED}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-135797651-574853151-142966405-500\...\Akamai) (Version: - Akamai Technologies, Inc)
Alcor Micro USB Card Reader (HKLM-x32\...\{3727C0FE-4357-492C-85EE-E78BC31BF831}) (Version: 3.6.142.61624 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.6.142.61624 - Alcor Micro Corp.)
ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version: - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{85F1B81D-72C5-4357-81F9-B0A1D71DF59B}) (Version: 3.0.255.407 - ArcSoft)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.4 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0002 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
Avi to Mpeg 2.1 (HKLM-x32\...\{14BF164E-80A4-422E-BE43-39FB759666C2}_is1) (Version: - Avi to Mpeg)
BrowserProtect (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version: - ) <==== ATTENTION
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0232 - Disc Soft Ltd)
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
ESET Smart Security (HKLM\...\{F0235BC5-889C-442D-B831-7F894E5C9AD1}) (Version: 6.0.316.2 - ESET, spol s r. o.)
Fotogaléria (HKLM-x32\...\{5B87607E-E781-49C5-9891-80990E45BCA1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.142 - IObit)
J2SE Runtime Environment 5.0 Update 5 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150050}) (Version: 1.5.0.50 - Sun Microsystems, Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
MapsGalaxy Toolbar (HKLM-x32\...\MapsGalaxy_39bar Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{0CD05078-D4F3-4006-8726-B01E10A89B28}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MyPC Backup (HKLM\...\MyPC Backup) (Version: - MyPC Backup) <==== ATTENTION
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NVIDIA PhysX (HKLM-x32\...\{F9835182-794B-4F24-902A-E2CA9D43380F}) (Version: 9.10.0512 - NVIDIA Corporation)
PDF to Doc Converter 6.0 (HKLM-x32\...\PDF to Doc Converter 6.0) (Version: - )
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-135797651-574853151-142966405-500\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Smart Defrag 2 (HKLM-x32\...\Smart Defrag 2_is1) (Version: 2.9 - IObit)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
The Battle for Middle-earth II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-135797651-574853151-142966405-500_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2015-12-28] (IObit)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-08-10] (Qualcomm Atheros Commnucations)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2013-03-21] (ESET)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-11-12] (IObit)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\system32\IObitSmartDefragExtension.dll [2014-02-13] (IObit)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2015-12-28] (IObit)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2013-03-21] (ESET)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-08-10] (Qualcomm Atheros Commnucations)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2015-12-28] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-11-12] (IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2013-03-21] (ESET)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-11-12] (IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\system32\IObitSmartDefragExtension.dll [2014-02-13] (IObit)
ContextMenuHandlers1_S-1-5-21-135797651-574853151-142966405-500: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0029A3A0-EF96-4436-8704-3D9C367B6807} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf4012839a34 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {0BE14BE9-82B1-4F67-9535-625EDDAC6AB6} - System32\Tasks\{47E39BC6-4ACF-4810-819E-665B635CDAD3} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/sk/abandoninstall?page=tsMain
Task: {10E1E09A-55A6-448D-84B1-43973F339B2D} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-04] (ASUS)
Task: {152A6A13-369A-4A40-B924-BECB731D86BB} - System32\Tasks\{83F98471-45A9-4B5D-AB6C-D1F30C1BF124} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.5.0.158/sk/abandoninstall?page=tsProgressBar
Task: {16C90390-C7C3-4531-86E1-1813CC27801E} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-05-06] (IObit)
Task: {1996E97E-76EB-49E5-A37A-2B12648711D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {22F9E627-7F73-4898-BE1F-3CCD02FC8514} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek)
Task: {237F9010-3590-4419-AF6D-F7C8DAE35D1C} - System32\Tasks\{F21464F4-E6C9-4B4E-BEB7-9A52AD6B86B1} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.26.0.101/sk/abandoninstall?page=tsProgressBar
Task: {256307EE-451B-4366-A116-42888F41881B} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-05-18] (IObit)
Task: {2992DBA5-816D-4560-AFB0-5160B2C48A96} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dfd9768c1c4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {39B7705B-6D30-4A6C-ABE4-663ED10C7EF1} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {39B7705B-6D30-4A6C-ABE4-663ED10C7EF1} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {39B7705B-6D30-4A6C-ABE4-663ED10C7EF1} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\WINDOWS\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {557C6498-38B4-462D-A25B-4E587AFCDCC4} - System32\Tasks\{DF8A2F51-FEB6-408F-A89F-D73843C814CC} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.5.0.158/sk/go/help.faq.installer?LastError=1603
Task: {5EDB3F63-A5F0-4B38-958A-ADB0CE8BEACE} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-02-13] (IObit)
Task: {6029D9DE-4E0D-4247-9AD7-D8C07C946DCD} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {6A3F5515-E8BE-4797-8547-712A6616B12D} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-05-12] (IObit)
Task: {7E1613C3-1A10-49B3-8ABB-3AB2961F69ED} - System32\Tasks\{73545AE0-30BE-4E15-B45D-A40C30E402C1} => C:\Windows\system32\pcalua.exe -a C:\Users\Martin\Downloads\aoe3trial.exe -d C:\Users\Martin\Downloads
Task: {7F761091-0079-4F25-9DE4-738A5CA69B22} - System32\Tasks\{79A5FC85-EB1D-4C86-A620-3FAA29A95CE2} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/sk/abandoninstall?page=tsMain
Task: {8409E198-38BD-4A40-B4B6-2AA94ED404FE} - System32\Tasks\GoogleUpdateTaskMachineUA1d090863edbc59d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {953DEBDF-6930-406A-B635-BD2F35536301} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {9789A31D-6991-42F7-8970-264D90DC347F} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {9789A31D-6991-42F7-8970-264D90DC347F} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {9A1D1A41-707A-4672-9E42-E471E9158A47} - System32\Tasks\{A1A1897B-F248-46D5-8511-AEDE1C21AD9F} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.59.102/sk/abandoninstall?page=tsMain
Task: {A2645DE3-EE81-4723-975C-9B317A637BCE} - System32\Tasks\GoogleUpdateTaskMachineUA1d0415293f5504e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {ABC27E81-969C-4676-BD5F-9D32665BA8E0} - System32\Tasks\{EF77B343-5560-40F2-AEFF-C194A523C40A} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/sk/abandoninstall?page=tsMain
Task: {ACA2FB3C-A405-4DD3-A763-C6E29547B39D} - System32\Tasks\Driver Booster SkipUAC (Administrator) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-05-23] (IObit)
Task: {B69BAF50-7279-4D30-8AB7-232D47A2DDA5} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-02-13] (IObit)
Task: {B980335A-4792-4FB0-8F6D-E86B75F3508A} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {B980335A-4792-4FB0-8F6D-E86B75F3508A} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {BB81B833-1281-4B2B-9FAC-D63E4C2EC1DD} - System32\Tasks\{633AFDD9-BDC0-429C-99C6-69C40E5A7325} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.18.60.106/sk/abandoninstall?page=tsMain
Task: {C8FCBFE2-3A0D-4BB0-9EE7-E4E3CF29F6C0} - System32\Tasks\{CE1FFD1A-A8B0-431C-8EEF-16350A97ED07} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/sk/abandoninstall?page=tsBing
Task: {CDA1BF5C-14A0-43BE-96E6-DC002C270439} - System32\Tasks\GoogleUpdateTaskMachineCore1ce81842b28b432 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {DBC6BC9C-479E-41CD-874C-DB9392718AE4} - System32\Tasks\daRcECyvBV => C:\daRcECyvBVdaRcECyvBV\daRcECyvBV.vbs [2017-02-16] () <==== ATTENTION
Task: {E267BB42-1649-4B93-A224-4860E82027A7} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4b3aa5c703a2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E74D674B-01EF-44DF-A88C-C9CDF0DB6342} - System32\Tasks\GoogleUpdateTaskMachineUA1d1aafde896ac1f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E8202109-611C-4992-93AA-A5032E08E926} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {E8202109-611C-4992-93AA-A5032E08E926} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {ED27F050-A87F-4DD1-B54C-0F64F137BCF8} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {F6849CAC-25D4-4C9E-BC3C-CCF912E6444D} - System32\Tasks\BrowserProtect => C:\Windows\system32\sc.exe start BrowserProtect <==== ATTENTION
Task: {FC14B94B-FD0E-4949-B9D5-FDD0B2874E70} - System32\Tasks\{6DBA31E5-4CA0-4844-B208-302744B05334} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.59.102/sk/abandoninstall?page=tsBing

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\ASC9_PerformanceMonitor.job => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce81842b28b432.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4b3aa5c703a2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0415293f5504e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d090863edbc59d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf4012839a34.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Administrator\Desktop\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_blpcfgokakmgnkcojhhkbfbldkacnbeo\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=blpcfgokakmgnkcojhhkbfbldkacnbeo
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

==================== Loaded Modules (Whitelisted) ==============

2012-08-04 10:34 - 2012-08-04 10:34 - 000031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-08-10 18:28 - 2012-08-10 18:28 - 000384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-10 18:23 - 2012-08-10 18:23 - 000020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\sk-SK\BtTray.sk-SK.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-09-22 18:42 - 2017-09-21 08:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-22 18:42 - 2017-09-21 08:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2015-07-09 17:26 - 2015-07-09 17:26 - 007479296 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
2015-07-09 17:26 - 2015-07-09 17:26 - 007479296 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
2017-11-05 20:16 - 2017-11-05 20:16 - 002418688 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Networking\winnet32b.exe
2016-07-05 13:02 - 2015-12-28 12:49 - 000629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-02-13 20:20 - 2012-09-05 18:55 - 000892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
2016-07-05 13:02 - 2015-12-23 17:32 - 000355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2016-07-05 13:02 - 2015-12-23 17:32 - 000190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2016-07-05 13:02 - 2015-12-23 17:32 - 000057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2012-06-07 14:12 - 2012-06-07 14:12 - 000009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2016-07-05 13:02 - 2015-12-28 12:50 - 000899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
2016-07-05 13:01 - 2015-12-28 12:49 - 000629536 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2014-06-17 16:30 - 2014-04-01 13:37 - 000371712 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-06-17 16:30 - 2013-07-24 08:24 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-07-05 13:02 - 2015-12-23 17:32 - 000190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-07-05 13:02 - 2015-12-23 17:32 - 000057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-06-25 10:52 - 2016-03-01 12:46 - 000355616 _____ () C:\Program Files (x86)\IObit\Driver Booster\madExcept_.bpl
2016-06-25 10:52 - 2016-03-01 12:46 - 000190240 _____ () C:\Program Files (x86)\IObit\Driver Booster\madBasic_.bpl
2016-06-25 10:52 - 2016-03-01 12:46 - 000057632 _____ () C:\Program Files (x86)\IObit\Driver Booster\madDisAsm_.bpl
2016-06-25 10:52 - 2016-03-01 12:46 - 000899872 _____ () C:\Program Files (x86)\IObit\Driver Booster\webres.dll
2016-06-25 10:52 - 2016-03-01 12:46 - 000524064 _____ () C:\Program Files (x86)\IObit\Driver Booster\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-135797651-574853151-142966405-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\Desktop\12798859_10153437537658575_3196927996418568139_n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: seznam-listicka-distribuce =>
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\StartupApproved\StartupFolder: => "msconfig.lnk"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\StartupApproved\Run: => "ctfmon.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{65803412-BE55-4EF1-9E4C-3F0AEF13650F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A8E94C68-FFA9-4F2E-9F0C-E2BB2C4AF329}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0C1E0E04-8E40-4529-9A64-EEE8F4166731}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CDBD12ED-635C-4C16-8403-2059A43C853F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8A0900C0-39AB-46EA-8E19-7E9E9F874004}] => (Allow) LPort=1900
FirewallRules: [{5375FEF6-EA45-4676-A7E3-68435EE3D3A4}] => (Allow) LPort=2869
FirewallRules: [{08AC8DEE-A7B3-4961-BA91-F15CF4F4E61A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{1A090480-61D0-41EE-A081-20D8E30AA81D}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{7739F4BC-2A0E-488F-82A2-35C0ADEF809B}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{7BDC910E-4854-4A4E-A4D6-A6E8233ADFC1}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{7BE90FC2-D00C-4AB6-BC9A-CBE2C34543CF}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [{5A0EC186-C0A5-498C-BB62-D65870E5E61F}] => (Allow) C:\Program Files (x86)\Nsasoft\OfficeProductKeyFinder\OfficeProductKeyFinder.exe
FirewallRules: [{C527DCA6-9AD7-4E4A-A424-37ABED6F4996}] => (Allow) C:\Program Files (x86)\Nsasoft\OfficeProductKeyFinder\OfficeProductKeyFinder.exe
FirewallRules: [{E30408E6-1037-4079-ABA7-FE7CEBA99067}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{BF7517C2-2DF4-4D77-B96D-92E736AAE2BD}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A3153F8D-623F-461C-8E1E-AF2BC533EB2C}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{A3F59F50-7B95-4049-9057-7EC02CC2B5F0}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{8C77F53D-9CB3-45C1-A73E-6D1ECF20B672}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{0E6FCC2C-DCC4-4BA1-8A07-64AF2C556A0C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{9FF31267-EB43-443E-8036-2F29C5A12243}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{B369401F-E98B-44DC-9602-30B028FBF3B8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{373ED51A-7508-4497-B21D-453BE4232744}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{FBB3BE82-B579-43E6-8E73-53FA3B81EC37}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{C0540D9F-3E84-4AA7-B5FF-79C32463C1B6}] => (Allow) LPort=1061
FirewallRules: [{6F9692B4-6F56-4BD3-B5B0-9DB6611209B1}] => (Allow) LPort=5000
FirewallRules: [{A3C34215-C30F-4DAD-943A-977A0EFE2B61}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth II\game.dat
FirewallRules: [{383F9712-1AF9-4DC4-A47C-22C0C3F8DCF0}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth II\game.dat
FirewallRules: [{74BDB736-850F-4FDF-B885-1FC9290B4F9B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

12-10-2017 18:36:48 Scheduled Checkpoint
23-10-2017 14:01:58 Scheduled Checkpoint
02-11-2017 20:05:18 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/05/2017 06:42:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Explorer.EXE, verzia: 6.3.9600.18231, časová značka: 0x56b8c9f1
Názov chybujúceho modulu: msvcrt.dll, verzia: 7.0.9600.17415, časová značka: 0x545055fe
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000017d1
Identifikácia chybujúceho procesu: 0x3ea8
Čas spustenia chybujúcej aplikácie: 0x01d3562c09003596
Cesta chybujúcej aplikácie: C:\WINDOWS\Explorer.EXE
Cesta chybujúceho modulu: C:\WINDOWS\system32\msvcrt.dll
Identifikácia hlásenia: b56678d1-c250-11e7-8005-94dbc9b6447c
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/03/2017 04:30:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/03/2017 04:30:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/16/2017 07:30:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Explorer.EXE, verzia: 6.3.9600.18231, časová značka: 0x56b8c9f1
Názov chybujúceho modulu: ntdll.dll, verzia: 6.3.9600.18438, časová značka: 0x57ae642e
Kód výnimky: 0xc0000374
Odstup chyby: 0x00000000000f1b70
Identifikácia chybujúceho procesu: 0x3740
Čas spustenia chybujúcej aplikácie: 0x01d341f54c43e725
Cesta chybujúcej aplikácie: C:\WINDOWS\Explorer.EXE
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 82e327b8-b23b-11e7-8005-94dbc9b6447c
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (09/14/2017 08:25:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveUpdate.exe version 3.1.8.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 132c

Start Time: 01d32d8e5c4f1871

Termination Time: 331

Application Path: C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

Report Id: 78e0f643-9982-11e7-8005-94dbc9b6447c

Faulting package full name:

Faulting package-relative application ID:

Error: (09/12/2017 09:04:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.3.9600.18231 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 73c

Start Time: 01d32bfff8d1b7a3

Termination Time: 0

Application Path: C:\WINDOWS\Explorer.EXE

Report Id: 93257f96-97f3-11e7-8005-94dbc9b6447c

Faulting package full name:

Faulting package-relative application ID:

Error: (09/12/2017 08:55:36 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\PROFILEASSOCIATIONPROVIDER.MFL while recovering .MOF file marked with autorecover.

Error: (09/12/2017 08:55:36 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\POWERMETERPROVIDER.MFL while recovering .MOF file marked with autorecover.

Error: (09/12/2017 08:55:36 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\CIMDMTF.MFL while recovering .MOF file marked with autorecover.

Error: (09/12/2017 08:55:36 PM) (Source: Microsoft-Windows-WMI) (EventID: 4) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\DSCCORE.MFL while recovering .MOF file marked with autorecover.


System errors:
=============
Error: (11/05/2017 07:16:57 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/05/2017 06:12:20 PM) (Source: DCOM) (EventID: 10010) (User: MATOKOVAC)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (11/05/2017 06:11:50 PM) (Source: DCOM) (EventID: 10010) (User: MATOKOVAC)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (11/05/2017 03:37:27 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/05/2017 01:26:50 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/05/2017 12:16:00 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/04/2017 10:35:08 PM) (Source: DCOM) (EventID: 10010) (User: MATOKOVAC)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (11/04/2017 10:34:38 PM) (Source: DCOM) (EventID: 10010) (User: MATOKOVAC)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (11/03/2017 04:43:55 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/02/2017 09:32:42 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 63%
Total physical RAM: 3979.68 MB
Available physical RAM: 1463.39 MB
Total Virtual: 11403.68 MB
Available Virtual: 4492.92 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:77.14 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.45 GB) (Free:253.19 GB) NTFS
Drive f: (BFME2 Special Edition) (CDROM) (Total:3.14 GB) (Free:0 GB) UDF
Drive g: (LOTRBFME2) (CDROM) (Total:5.54 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8F0070DF)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help

#4 Post by Rudy »

Now run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (removal).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

MartinKovac
Visitor
Posts: 7
Registered: 05 Nov 2017 20:36

Re: Please help

#5 Post by MartinKovac »

# AdwCleaner 7.0.4.0 - Logfile created on Mon Nov 06 15:17:21 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: BackupStack


***** [ Folders ] *****

Deleted: C:\ProgramData\IObit\Advanced SystemCare
Deleted: C:\ProgramData\Application Data\IObit\Advanced SystemCare
Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\Administrator\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\All Users\IObit\Advanced SystemCare
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player
Deleted: C:\Users\Martin\AppData\LocalLow\AVG Secure Search
Deleted: C:\Users\Administrator\AppData\LocalLow\blekko
Deleted: C:\Users\Martin\AppData\LocalLow\blekko
Deleted: C:\Users\Administrator\AppData\Local\NativeMessaging
Deleted: C:\Users\Administrator\AppData\Local\WhiteListing
Deleted: C:\Program Files (x86)\MapsGalaxy_39
Deleted: C:\Users\Administrator\AppData\Local\MapsGalaxy_39
Deleted: C:\Users\Administrator\AppData\LocalLow\MapsGalaxy_39
Deleted: C:\ProgramData\IObit\ASCDownloader
Deleted: C:\ProgramData\Application Data\IObit\ASCDownloader
Deleted: C:\Users\All Users\IObit\ASCDownloader
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
Deleted: C:\Users\Administrator\AppData\LocalLow\Softonic
Deleted: C:\Users\Martin\AppData\LocalLow\Softonic
Deleted: C:\Users\Martin\AppData\Roaming\Softonic
Deleted: C:\Users\Administrator\AppData\Local\TBHostSupport
Deleted: C:\Program Files (x86)\Conduit
Deleted: C:\Users\Administrator\AppData\LocalLow\Conduit
Deleted: C:\Users\Martin\AppData\Local\Conduit
Deleted: C:\Users\Martin\AppData\LocalLow\Conduit
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartPCFix
Deleted: C:\Users\Administrator\AppData\Roaming\SmartPCFix
Deleted: C:\Program Files (x86)\MyPC Backup
Deleted: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Deleted: C:\Users\Administrator\AppData\Roaming\OpenCandy
Deleted: C:\Users\Martin\AppData\Roaming\OpenCandy
Deleted: C:\Users\Administrator\AppData\Local\iac
Deleted: C:\Users\Martin\AppData\Roaming\Allmyapps
Deleted: C:\ProgramData\BrowserProtect
Deleted: C:\ProgramData\Application Data\BrowserProtect
Deleted: C:\Users\All Users\BrowserProtect
Deleted: C:\Program Files (x86)\MapsGalaxy_39
Deleted: C:\Users\Administrator\AppData\Local\MapsGalaxy_39


***** [ Files ] *****

Deleted: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 9.lnk
Deleted: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 9.lnk
Deleted: C:\Users\All Users\Desktop\Advanced SystemCare 9.lnk
Deleted: C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
Deleted: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Driver Booster 3.lnk
Deleted: C:\Users\All Users\Desktop\Driver Booster 3.lnk
Deleted: C:\Users\Public\Desktop\Driver Booster 3.lnk


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Driver Booster Scheduler
Deleted: BrowserProtect


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\IOBIT\ASC
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted: [Key] - HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [http:\\home.mywebsearch.com\index.jhtml?n=77DE8857&p2=^UX^xdm007^YY^sk&ptb=71FDE265-44D6-49DD-B1B8-79EDC1EE6478&si=COe2j4bck7cCFQbHtAod_wIApA]
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Deleted: [Key] - HKU\S-1-5-21-135797651-574853151-142966405-500\Software\BABSOLUTION
Deleted: [Key] - HKCU\Software\BABSOLUTION
Deleted: [Key] - HKU\S-1-5-21-135797651-574853151-142966405-500\Software\BI
Deleted: [Key] - HKCU\Software\BI
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{1005247F-A178-490A-8DC3-6BAF09EA427B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Deleted: [Value] - HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|APISupport
Deleted: [Value] - HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SDP
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Main|bprotector start page
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Deleted: [Key] - HKLM\SOFTWARE\DataMngr
Deleted: [Key] - HKU\S-1-5-21-135797651-574853151-142966405-500\Software\DataMngr
Deleted: [Key] - HKCU\Software\DataMngr
Deleted: [Key] - HKLM\SOFTWARE\Datamngr
Deleted: [Key] - HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Datamngr
Deleted: [Key] - HKCU\Software\Datamngr
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Deleted: [Key] - HKU\S-1-5-21-135797651-574853151-142966405-500\Software\filescout
Deleted: [Key] - HKCU\Software\filescout


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Plugin deleted: uTorrentControl_v2 -
Plugin deleted: AVG Security Toolbar -
Plugin deleted: Ads Removal -
Plugin deleted: Blekko Search Bar -
Plugin deleted: Softonic Chrome Toolbar -
SearchProvider deleted: slunecnice.cz - slunecnice.cz
SearchProvider deleted: Conduit - search.conduit.com
SearchProvider deleted: Search the web (Softonic) - softonic


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [9053 B] - [2017/11/6 15:15:15]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help

#6 Post by Rudy »

Post a new FRST log.

MartinKovac
Visitor
Posts: 7
Registered: 05 Nov 2017 20:36

Re: Please help

#7 Post by MartinKovac »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by Administrator (administrator) on MATOKOVAC (06-11-2017 17:16:27)
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Martin & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
() C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
() C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
() C:\Users\Administrator\AppData\Roaming\Microsoft\Networking\winnet32b.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe********************************************* [90832 2012-06-07] ()
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [6330568 2013-03-21] (ESET)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2007392 2014-04-01] (Wondershare)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-135797651-574853151-142966405-500\...\Run: [Advanced SystemCare 9] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
HKU\S-1-5-21-135797651-574853151-142966405-500\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-04-24] (Disc Soft Ltd)
HKU\S-1-5-21-135797651-574853151-142966405-500\...\RunOnce: [daRcECyvBV] => C:\daRcECyvBVdaRcECyvBV\daRcECyvBV.vbs [140 2017-02-16] ()
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {54499fa1-06ab-11e5-bf99-94dbc9b6447c} - "F:\setup.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {76177690-da4e-11e6-bfef-94dbc9b6447c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {835f2f19-4d4e-11e7-bfff-94dbc9b6447c} - "F:\Autorun.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {ba31d897-a79a-11e6-bfec-94dbc9b6447c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {d917ab0f-da65-11e6-bfef-94dbc9b6447c} - "F:\HiSuiteDownLoader.exe"
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-07-09] ()
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-07-09] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Steam Update.bat [2017-07-21] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{849E99CB-1CA5-45A4-8143-455066A57D8D}: [DhcpNameServer] 192.168.20.138
Tcpip\..\Interfaces\{FC62A3F7-CFB2-4D1F-B296-25073FF5753E}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
URLSearchHook: HKU\S-1-5-21-135797651-574853151-142966405-500 - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No File
SearchScopes: HKLM-x32 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^UX^xdm007^YY^sk&si=COe2j4bck7cCFQbHtAod_wIApA&ptb=71FDE265-44D6-49DD-B1B8-79EDC1EE6478&ind=2013051314&n=77fcb9b2&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^UX^xdm007^YY^sk&si=COe2j4bck7cCFQbHtAod_wIApA&ptb=71FDE265-44D6-49DD-B1B8-79EDC1EE6478&ind=2013051314&n=77fcb9b2&psa=&st=sb&searchfor={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: No Name -> {71c1d63a-c944-428a-a5bd-ba513190e5d2} -> No File
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-03] (Oracle Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11] (Adblock)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-135797651-574853151-142966405-500 -> No Name - {364EA597-E728-4CE4-BB4A-ED846EF47970} - No File

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-06-28] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [39ffxtbr@MapsGalaxy_39.com] - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-04-23] (Nexon)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://asus13.msn.com/
CHR StartupUrls: Default -> "hxxp://www.google.sk/"
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2017-11-06]
CHR Extension: (Prezentácie) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-23]
CHR Extension: (Dokumenty) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-23]
CHR Extension: (Disk Google) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-02]
CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabuľky) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-04]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-21]
CHR HKU\S-1-5-21-135797651-574853151-142966405-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Administrator\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Administrator\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Martin\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-04-24] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1341664 2013-03-21] (ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27768 2015-09-13] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-08-22] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]
S2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [4267008 2015-09-13] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [70928 2015-09-13] (ASUS Corporation)
R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-06-09] (Disc Soft Ltd)
U3 dtlitescsidrv; C:\Windows\System32\Drivers\dtlitescsidrv.sys [316072 2017-06-09] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-06-09] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [58416 2013-02-14] (ESET)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-24] (REALiX(tm))
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2015-09-13] (Intel Corporation)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [394296 2017-06-09] (Duplex Secure Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-08-22] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-08-22] (Microsoft Corporation)
S3 cpuz138; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-06 16:25 - 2017-11-06 16:25 - 000007461 _____ C:\Users\Administrator\Desktop\AdwCleaner vysledok.txt
2017-11-06 16:12 - 2017-11-06 16:15 - 000000000 ____D C:\AdwCleaner
2017-11-06 16:08 - 2017-11-06 16:11 - 008261584 _____ (Malwarebytes) C:\Users\Administrator\Downloads\adwcleaner_7.0.4.0.exe
2017-11-06 15:47 - 2017-11-06 15:47 - 000002892 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Administrator)
2017-11-06 08:13 - 2017-11-06 08:13 - 000283920 _____ C:\WINDOWS\Minidump\110617-30859-01.dmp
2017-11-05 22:46 - 2017-11-05 22:46 - 000042067 _____ C:\Users\Administrator\Desktop\vir addition.txt
2017-11-05 22:45 - 2017-11-05 22:45 - 000052288 _____ C:\Users\Administrator\Desktop\vir.txt
2017-11-05 22:34 - 2017-11-05 22:36 - 000042064 _____ C:\Users\Administrator\Desktop\Addition.txt
2017-11-05 22:31 - 2017-11-06 17:17 - 000021276 _____ C:\Users\Administrator\Desktop\FRST.txt
2017-11-05 22:30 - 2017-11-05 22:30 - 000112640 _____ (forum.viry.cz) C:\Users\Administrator\Downloads\FRSTLauncher.exe
2017-11-05 22:30 - 2017-11-05 22:30 - 000029696 _____ C:\Users\Administrator\AppData\Local\MSGBOX.EXE
2017-11-05 22:30 - 2017-11-05 22:30 - 000015327 _____ C:\Users\Administrator\Desktop\LM.bat
2017-11-05 22:25 - 2017-11-06 17:16 - 000000000 ____D C:\FRST
2017-11-05 22:21 - 2017-11-05 22:23 - 002403328 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2017-11-05 21:15 - 2017-11-05 21:15 - 000053017 _____ C:\Users\Administrator\Desktop\info winnet32b.txt
2017-11-05 20:43 - 2017-11-05 20:44 - 000000000 ____D C:\rsit
2017-11-05 20:43 - 2017-11-05 20:44 - 000000000 ____D C:\Program Files\trend micro
2017-11-05 20:42 - 2017-11-05 20:43 - 001222144 _____ C:\Users\Administrator\Downloads\RSITx64.exe
2017-11-05 20:19 - 2017-11-05 20:20 - 000000314 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job
2017-11-05 20:19 - 2017-11-05 20:19 - 000002430 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Administrator
2017-10-24 18:31 - 2017-10-24 18:31 - 007923662 _____ C:\Users\Administrator\Downloads\fwdcheatingexam.zip
2017-10-24 18:23 - 2017-10-24 18:26 - 023503474 _____ C:\Users\Administrator\Downloads\fwdeducation.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-06 17:16 - 2013-04-16 05:47 - 000003590 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-135797651-574853151-142966405-500
2017-11-06 17:11 - 2016-07-05 13:02 - 000000324 _____ C:\WINDOWS\Tasks\ASC9_PerformanceMonitor.job
2017-11-06 17:11 - 2014-09-24 06:35 - 000863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-06 17:11 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2017-11-06 17:11 - 2013-03-28 10:56 - 000000380 _____ C:\Users\Administrator\AppData\Roaming\sp_data.sys
2017-11-06 16:19 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-06 16:18 - 2013-08-22 14:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2017-11-06 16:16 - 2013-07-21 16:54 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2017-11-06 16:16 - 2013-07-21 16:54 - 000000000 ____D C:\ProgramData\IObit
2017-11-06 16:16 - 2013-07-21 16:54 - 000000000 ____D C:\Program Files (x86)\IObit
2017-11-06 16:05 - 2014-11-10 22:33 - 000004006 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{98A1F2CA-442E-445B-B163-F72C132F164D}
2017-11-06 15:57 - 2016-05-10 21:52 - 000000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf4012839a34.job
2017-11-06 15:56 - 2015-07-15 21:51 - 000000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d090863edbc59d.job
2017-11-06 15:51 - 2015-02-05 15:46 - 000000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4b3aa5c703a2.job
2017-11-06 08:21 - 2013-03-28 10:56 - 000045056 _____ C:\WINDOWS\SysWOW64\acovcnt.exe
2017-11-06 08:13 - 2014-11-08 21:52 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-06 08:13 - 2014-11-04 20:46 - 000000000 ____D C:\Users\Administrator
2017-11-06 08:12 - 2017-03-22 19:35 - 614962014 _____ C:\WINDOWS\MEMORY.DMP
2017-11-06 07:04 - 2015-07-24 20:25 - 000000000 ____D C:\ProgramData\ProductData
2017-11-03 16:34 - 2013-05-08 13:14 - 000000000 ____D C:\Users\Administrator\Desktop\Martinko
2017-10-23 12:43 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-12 17:51 - 2012-07-26 08:59 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories =======

2013-04-19 19:39 - 2013-04-19 19:39 - 000099384 _____ () C:\Users\Administrator\AppData\Roaming\inst.exe
2014-09-17 12:48 - 2014-09-17 12:48 - 000000021 _____ () C:\Users\Administrator\AppData\Roaming\my_intel.sys
2013-04-19 19:39 - 2013-04-19 19:39 - 000007859 _____ () C:\Users\Administrator\AppData\Roaming\pcouffin.cat
2013-04-19 19:39 - 2013-04-19 19:39 - 000001167 _____ () C:\Users\Administrator\AppData\Roaming\pcouffin.inf
2013-04-19 19:39 - 2013-04-19 19:39 - 000000055 _____ () C:\Users\Administrator\AppData\Roaming\pcouffin.log
2013-04-19 19:39 - 2013-04-19 19:39 - 000082816 _____ (VSO Software) C:\Users\Administrator\AppData\Roaming\pcouffin.sys
2013-03-28 10:56 - 2017-11-06 17:11 - 000000380 _____ () C:\Users\Administrator\AppData\Roaming\sp_data.sys
2013-04-19 19:33 - 2013-04-19 19:38 - 000001057 _____ () C:\Users\Administrator\AppData\Roaming\vso_ts_preview.xml
2017-11-05 22:30 - 2017-11-05 22:30 - 000029696 _____ () C:\Users\Administrator\AppData\Local\MSGBOX.EXE
2015-07-16 20:08 - 2017-09-04 19:11 - 000007605 _____ () C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
2017-01-14 12:12 - 2017-01-14 12:12 - 000000000 _____ () C:\Users\Administrator\AppData\Local\{1777075C-E912-41B5-AA4D-924AB9A8FED4}
2016-03-09 22:11 - 2016-03-09 22:11 - 000000000 _____ () C:\Users\Administrator\AppData\Local\{2C9D7FB3-F15F-4AF8-A47B-9B3786818807}
2017-05-03 17:00 - 2017-05-03 17:00 - 000000000 _____ () C:\Users\Administrator\AppData\Local\{2FEB300E-DD89-4995-8D96-90A89EBCBB60}
2016-03-09 22:11 - 2016-03-09 22:11 - 000000000 _____ () C:\Users\Administrator\AppData\Local\{CFB8B941-D316-4AF8-B718-BBD28115A0A3}
2013-05-02 00:12 - 2013-05-04 09:51 - 000000000 _____ () C:\ProgramData\as98213.txt
2013-05-02 00:11 - 2013-05-04 09:54 - 095023320 ____T () C:\ProgramData\lvociw.pad
2013-05-02 00:12 - 2013-05-02 00:12 - 000000152 _____ () C:\ProgramData\lvociw.reg
2013-05-02 00:11 - 2013-05-02 00:11 - 000048640 _____ (Microsoft Corporation) C:\ProgramData\rundll32.exe
2012-08-04 18:37 - 2012-07-30 07:03 - 000000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 18:37 - 2009-07-22 11:04 - 000024576 _____ () C:\ProgramData\SetStretch.exe
2014-06-17 16:22 - 2014-06-17 16:25 - 000000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-06-17 16:21 - 2014-06-17 16:22 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Files to move or delete:
====================
C:\ProgramData\lvociw.pad
C:\ProgramData\lvociw.reg
C:\ProgramData\rundll32.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-06 15:55

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by Administrator (06-11-2017 17:19:23)
Running from C:\Users\Administrator\Desktop
Windows 8.1 (Update) (X64) (2014-11-04 20:36:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-135797651-574853151-142966405-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-135797651-574853151-142966405-501 - Limited - Disabled)
Martin (S-1-5-21-135797651-574853151-142966405-1001 - Administrator - Enabled) => C:\Users\Martin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: ESET Smart Security 6.0 (Enabled - Out of date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Age of Empires III - The WarChiefs Trial (HKLM-x32\...\{ABFE9B50-BA4B-4FDF-A943-EA025119DBED}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-135797651-574853151-142966405-500\...\Akamai) (Version: - Akamai Technologies, Inc)
Alcor Micro USB Card Reader (HKLM-x32\...\{3727C0FE-4357-492C-85EE-E78BC31BF831}) (Version: 3.6.142.61624 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.6.142.61624 - Alcor Micro Corp.)
ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version: - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{85F1B81D-72C5-4357-81F9-B0A1D71DF59B}) (Version: 3.0.255.407 - ArcSoft)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.4 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0002 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
Avi to Mpeg 2.1 (HKLM-x32\...\{14BF164E-80A4-422E-BE43-39FB759666C2}_is1) (Version: - Avi to Mpeg)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0232 - Disc Soft Ltd)
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
ESET Smart Security (HKLM\...\{F0235BC5-889C-442D-B831-7F894E5C9AD1}) (Version: 6.0.316.2 - ESET, spol s r. o.)
Fotogaléria (HKLM-x32\...\{5B87607E-E781-49C5-9891-80990E45BCA1}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.142 - IObit)
J2SE Runtime Environment 5.0 Update 5 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150050}) (Version: 1.5.0.50 - Sun Microsystems, Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
MapsGalaxy Toolbar (HKLM-x32\...\MapsGalaxy_39bar Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{0CD05078-D4F3-4006-8726-B01E10A89B28}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NVIDIA PhysX (HKLM-x32\...\{F9835182-794B-4F24-902A-E2CA9D43380F}) (Version: 9.10.0512 - NVIDIA Corporation)
PDF to Doc Converter 6.0 (HKLM-x32\...\PDF to Doc Converter 6.0) (Version: - )
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-135797651-574853151-142966405-500\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Smart Defrag 2 (HKLM-x32\...\Smart Defrag 2_is1) (Version: 2.9 - IObit)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
The Battle for Middle-earth II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-135797651-574853151-142966405-500_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-08-10] (Qualcomm Atheros Commnucations)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2013-03-21] (ESET)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-11-12] (IObit)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\system32\IObitSmartDefragExtension.dll [2014-02-13] (IObit)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2013-03-21] (ESET)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-08-10] (Qualcomm Atheros Commnucations)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-11-12] (IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2013-03-21] (ESET)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2015-11-12] (IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\system32\IObitSmartDefragExtension.dll [2014-02-13] (IObit)
ContextMenuHandlers1_S-1-5-21-135797651-574853151-142966405-500: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0029A3A0-EF96-4436-8704-3D9C367B6807} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf4012839a34 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {0BE14BE9-82B1-4F67-9535-625EDDAC6AB6} - System32\Tasks\{47E39BC6-4ACF-4810-819E-665B635CDAD3} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/sk/abandoninstall?page=tsMain
Task: {10E1E09A-55A6-448D-84B1-43973F339B2D} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-04] (ASUS)
Task: {152A6A13-369A-4A40-B924-BECB731D86BB} - System32\Tasks\{83F98471-45A9-4B5D-AB6C-D1F30C1BF124} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.5.0.158/sk/abandoninstall?page=tsProgressBar
Task: {16C90390-C7C3-4531-86E1-1813CC27801E} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: {1996E97E-76EB-49E5-A37A-2B12648711D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {22F9E627-7F73-4898-BE1F-3CCD02FC8514} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek)
Task: {237F9010-3590-4419-AF6D-F7C8DAE35D1C} - System32\Tasks\{F21464F4-E6C9-4B4E-BEB7-9A52AD6B86B1} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.26.0.101/sk/abandoninstall?page=tsProgressBar
Task: {2992DBA5-816D-4560-AFB0-5160B2C48A96} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dfd9768c1c4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {37C04307-62FB-440F-B485-D6764D22B922} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {37C04307-62FB-440F-B485-D6764D22B922} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {37C04307-62FB-440F-B485-D6764D22B922} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\WINDOWS\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {557C6498-38B4-462D-A25B-4E587AFCDCC4} - System32\Tasks\{DF8A2F51-FEB6-408F-A89F-D73843C814CC} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.5.0.158/sk/go/help.faq.installer?LastError=1603
Task: {5EDB3F63-A5F0-4B38-958A-ADB0CE8BEACE} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-02-13] (IObit)
Task: {6029D9DE-4E0D-4247-9AD7-D8C07C946DCD} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {6A3F5515-E8BE-4797-8547-712A6616B12D} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-05-12] (IObit)
Task: {7E1613C3-1A10-49B3-8ABB-3AB2961F69ED} - System32\Tasks\{73545AE0-30BE-4E15-B45D-A40C30E402C1} => C:\Windows\system32\pcalua.exe -a C:\Users\Martin\Downloads\aoe3trial.exe -d C:\Users\Martin\Downloads
Task: {7F761091-0079-4F25-9DE4-738A5CA69B22} - System32\Tasks\{79A5FC85-EB1D-4C86-A620-3FAA29A95CE2} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/sk/abandoninstall?page=tsMain
Task: {8409E198-38BD-4A40-B4B6-2AA94ED404FE} - System32\Tasks\GoogleUpdateTaskMachineUA1d090863edbc59d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {953DEBDF-6930-406A-B635-BD2F35536301} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {9789A31D-6991-42F7-8970-264D90DC347F} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {9789A31D-6991-42F7-8970-264D90DC347F} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {9A1D1A41-707A-4672-9E42-E471E9158A47} - System32\Tasks\{A1A1897B-F248-46D5-8511-AEDE1C21AD9F} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.59.102/sk/abandoninstall?page=tsMain
Task: {A2645DE3-EE81-4723-975C-9B317A637BCE} - System32\Tasks\GoogleUpdateTaskMachineUA1d0415293f5504e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A77D32BA-3CE2-4F18-9E96-E9A3760D3F1F} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {A77D32BA-3CE2-4F18-9E96-E9A3760D3F1F} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {ABC27E81-969C-4676-BD5F-9D32665BA8E0} - System32\Tasks\{EF77B343-5560-40F2-AEFF-C194A523C40A} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/sk/abandoninstall?page=tsMain
Task: {B69BAF50-7279-4D30-8AB7-232D47A2DDA5} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-02-13] (IObit)
Task: {B980335A-4792-4FB0-8F6D-E86B75F3508A} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {B980335A-4792-4FB0-8F6D-E86B75F3508A} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {BB81B833-1281-4B2B-9FAC-D63E4C2EC1DD} - System32\Tasks\{633AFDD9-BDC0-429C-99C6-69C40E5A7325} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.18.60.106/sk/abandoninstall?page=tsMain
Task: {C8FCBFE2-3A0D-4BB0-9EE7-E4E3CF29F6C0} - System32\Tasks\{CE1FFD1A-A8B0-431C-8EEF-16350A97ED07} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/sk/abandoninstall?page=tsBing
Task: {CDA1BF5C-14A0-43BE-96E6-DC002C270439} - System32\Tasks\GoogleUpdateTaskMachineCore1ce81842b28b432 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {DBC6BC9C-479E-41CD-874C-DB9392718AE4} - System32\Tasks\daRcECyvBV => C:\daRcECyvBVdaRcECyvBV\daRcECyvBV.vbs [2017-02-16] () <==== ATTENTION
Task: {E267BB42-1649-4B93-A224-4860E82027A7} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4b3aa5c703a2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E479F0B1-CE91-4784-B729-7431EDE35773} - System32\Tasks\Driver Booster SkipUAC (Administrator) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-05-23] (IObit)
Task: {E74D674B-01EF-44DF-A88C-C9CDF0DB6342} - System32\Tasks\GoogleUpdateTaskMachineUA1d1aafde896ac1f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {ED27F050-A87F-4DD1-B54C-0F64F137BCF8} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {FC14B94B-FD0E-4949-B9D5-FDD0B2874E70} - System32\Tasks\{6DBA31E5-4CA0-4844-B208-302744B05334} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.59.102/sk/abandoninstall?page=tsBing

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\ASC9_PerformanceMonitor.job => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce81842b28b432.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4b3aa5c703a2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0415293f5504e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d090863edbc59d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf4012839a34.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Administrator\Desktop\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_blpcfgokakmgnkcojhhkbfbldkacnbeo\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=blpcfgokakmgnkcojhhkbfbldkacnbeo
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

==================== Loaded Modules (Whitelisted) ==============

2012-08-04 10:34 - 2012-08-04 10:34 - 000031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-08-10 18:28 - 2012-08-10 18:28 - 000384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-10 18:23 - 2012-08-10 18:23 - 000020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\sk-SK\BtTray.sk-SK.dll
2015-07-09 17:26 - 2015-07-09 17:26 - 007479296 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
2015-07-09 17:26 - 2015-07-09 17:26 - 007479296 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
2017-11-06 08:15 - 2017-11-06 08:15 - 002418688 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Networking\winnet32b.exe
2017-09-22 18:42 - 2017-09-21 08:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-22 18:42 - 2017-09-21 08:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2016-07-05 13:02 - 2015-12-28 12:49 - 000629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2012-09-12 02:03 - 2012-06-25 10:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-02-13 20:20 - 2012-09-05 18:55 - 000892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
2012-06-07 14:12 - 2012-06-07 14:12 - 000009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2014-06-17 16:30 - 2014-04-01 13:37 - 000371712 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-06-17 16:30 - 2013-07-24 08:24 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-135797651-574853151-142966405-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\Desktop\12798859_10153437537658575_3196927996418568139_n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: seznam-listicka-distribuce =>
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\StartupApproved\StartupFolder: => "msconfig.lnk"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\StartupApproved\Run: => "ctfmon.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{65803412-BE55-4EF1-9E4C-3F0AEF13650F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A8E94C68-FFA9-4F2E-9F0C-E2BB2C4AF329}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0C1E0E04-8E40-4529-9A64-EEE8F4166731}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CDBD12ED-635C-4C16-8403-2059A43C853F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8A0900C0-39AB-46EA-8E19-7E9E9F874004}] => (Allow) LPort=1900
FirewallRules: [{5375FEF6-EA45-4676-A7E3-68435EE3D3A4}] => (Allow) LPort=2869
FirewallRules: [{08AC8DEE-A7B3-4961-BA91-F15CF4F4E61A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{1A090480-61D0-41EE-A081-20D8E30AA81D}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{7739F4BC-2A0E-488F-82A2-35C0ADEF809B}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{7BDC910E-4854-4A4E-A4D6-A6E8233ADFC1}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{7BE90FC2-D00C-4AB6-BC9A-CBE2C34543CF}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [{5A0EC186-C0A5-498C-BB62-D65870E5E61F}] => (Allow) C:\Program Files (x86)\Nsasoft\OfficeProductKeyFinder\OfficeProductKeyFinder.exe
FirewallRules: [{C527DCA6-9AD7-4E4A-A424-37ABED6F4996}] => (Allow) C:\Program Files (x86)\Nsasoft\OfficeProductKeyFinder\OfficeProductKeyFinder.exe
FirewallRules: [{E30408E6-1037-4079-ABA7-FE7CEBA99067}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{BF7517C2-2DF4-4D77-B96D-92E736AAE2BD}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A3153F8D-623F-461C-8E1E-AF2BC533EB2C}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{A3F59F50-7B95-4049-9057-7EC02CC2B5F0}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{8C77F53D-9CB3-45C1-A73E-6D1ECF20B672}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{0E6FCC2C-DCC4-4BA1-8A07-64AF2C556A0C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{9FF31267-EB43-443E-8036-2F29C5A12243}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{B369401F-E98B-44DC-9602-30B028FBF3B8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{373ED51A-7508-4497-B21D-453BE4232744}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{FBB3BE82-B579-43E6-8E73-53FA3B81EC37}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{C0540D9F-3E84-4AA7-B5FF-79C32463C1B6}] => (Allow) LPort=1061
FirewallRules: [{6F9692B4-6F56-4BD3-B5B0-9DB6611209B1}] => (Allow) LPort=5000
FirewallRules: [{A3C34215-C30F-4DAD-943A-977A0EFE2B61}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth II\game.dat
FirewallRules: [{383F9712-1AF9-4DC4-A47C-22C0C3F8DCF0}] => (Allow) C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth II\game.dat
FirewallRules: [{74BDB736-850F-4FDF-B885-1FC9290B4F9B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

12-10-2017 18:36:48 Scheduled Checkpoint
23-10-2017 14:01:58 Scheduled Checkpoint
02-11-2017 20:05:18 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/06/2017 05:11:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/06/2017 05:11:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/06/2017 04:23:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Explorer.EXE, verzia: 6.3.9600.18231, časová značka: 0x56b8c9f1
Názov chybujúceho modulu: DEVRTL.dll, verzia: 6.3.9600.17415, časová značka: 0x5450429b
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000001475
Identifikácia chybujúceho procesu: 0x650
Čas spustenia chybujúcej aplikácie: 0x01d35712ae59b003
Cesta chybujúcej aplikácie: C:\WINDOWS\Explorer.EXE
Cesta chybujúceho modulu: C:\WINDOWS\system32\DEVRTL.dll
Identifikácia hlásenia: 764c5e01-c306-11e7-8008-94dbc9b6447c
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/06/2017 03:44:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/06/2017 03:44:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/05/2017 06:42:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Explorer.EXE, verzia: 6.3.9600.18231, časová značka: 0x56b8c9f1
Názov chybujúceho modulu: msvcrt.dll, verzia: 7.0.9600.17415, časová značka: 0x545055fe
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000017d1
Identifikácia chybujúceho procesu: 0x3ea8
Čas spustenia chybujúcej aplikácie: 0x01d3562c09003596
Cesta chybujúcej aplikácie: C:\WINDOWS\Explorer.EXE
Cesta chybujúceho modulu: C:\WINDOWS\system32\msvcrt.dll
Identifikácia hlásenia: b56678d1-c250-11e7-8005-94dbc9b6447c
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/03/2017 04:30:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/03/2017 04:30:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/16/2017 07:30:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Explorer.EXE, verzia: 6.3.9600.18231, časová značka: 0x56b8c9f1
Názov chybujúceho modulu: ntdll.dll, verzia: 6.3.9600.18438, časová značka: 0x57ae642e
Kód výnimky: 0xc0000374
Odstup chyby: 0x00000000000f1b70
Identifikácia chybujúceho procesu: 0x3740
Čas spustenia chybujúcej aplikácie: 0x01d341f54c43e725
Cesta chybujúcej aplikácie: C:\WINDOWS\Explorer.EXE
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 82e327b8-b23b-11e7-8005-94dbc9b6447c
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (09/14/2017 08:25:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveUpdate.exe version 3.1.8.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 132c

Start Time: 01d32d8e5c4f1871

Termination Time: 331

Application Path: C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

Report Id: 78e0f643-9982-11e7-8005-94dbc9b6447c

Faulting package full name:

Faulting package-relative application ID:


System errors:
=============
Error: (11/06/2017 04:19:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Advanced SystemCare Service 9 zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.

Error: (11/06/2017 04:19:18 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovládač Bluetooth očakával udalosť HCI s danou veľkosťou, ale neprijal ju.

Error: (11/06/2017 04:15:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (11/06/2017 04:15:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Advanced SystemCare Service 9 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (11/06/2017 04:15:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (11/06/2017 04:15:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (11/06/2017 04:15:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba VIA Karaoke digital mixer Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (11/06/2017 04:15:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (11/06/2017 04:15:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ATKGFNEX Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (11/06/2017 04:15:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LiveUpdate sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 48%
Total physical RAM: 3979.68 MB
Available physical RAM: 2054.72 MB
Total Virtual: 11403.68 MB
Available Virtual: 9455.91 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:76.51 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.45 GB) (Free:253.19 GB) NTFS
Drive f: (BFME2 Special Edition) (CDROM) (Total:3.14 GB) (Free:0 GB) UDF
Drive g: (LOTRBFME2) (CDROM) (Total:5.54 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8F0070DF)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {54499fa1-06ab-11e5-bf99-94dbc9b6447c} - "F:\setup.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {76177690-da4e-11e6-bfef-94dbc9b6447c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {835f2f19-4d4e-11e7-bfff-94dbc9b6447c} - "F:\Autorun.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {ba31d897-a79a-11e6-bfec-94dbc9b6447c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {d917ab0f-da65-11e6-bfef-94dbc9b6447c} - "F:\HiSuiteDownLoader.exe"
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Microsoft\Internet Explorer\Main,Start Page =
URLSearchHook: HKU\S-1-5-21-135797651-574853151-142966405-500 - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No File
URLSearchHook: HKU\S-1-5-21-135797651-574853151-142966405-500 - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No File
SearchScopes: HKLM-x32 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.mywebsearch.com/mywebsear ... .jhtml?p2=^UX^xdm007^YY^sk&si=COe2j4bck7cCFQbHtAod_wIApA&ptb=71FDE265-44D6-49DD-B1B8-79EDC1EE6478&ind=2013051314&n=77fcb9b2&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.mywebsearch.com/mywebsear ... .jhtml?p2=^UX^xdm007^YY^sk&si=COe2j4bck7cCFQbHtAod_wIApA&ptb=71FDE265-44D6-49DD-B1B8-79EDC1EE6478&ind=2013051314&n=77fcb9b2&psa=&st=sb&searchfor={searchTerms}
BHO-x32: No Name -> {71c1d63a-c944-428a-a5bd-ba513190e5d2} -> No File
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-135797651-574853151-142966405-500 -> No Name - {364EA597-E728-4CE4-BB4A-ED846EF47970} - No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf4012839a34.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d090863edbc59d.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4b3aa5c703a2.job
C:\WINDOWS\SysWOW64\acovcnt.exe
C:\ProgramData\lvociw.pad
C:\ProgramData\lvociw.reg
C:\ProgramData\rundll32.exe
Akamai NetSession Interface (HKU\S-1-5-21-135797651-574853151-142966405-500\...\Akamai)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
Task: {DBC6BC9C-479E-41CD-874C-DB9392718AE4} - System32\Tasks\daRcECyvBV => C:\daRcECyvBVdaRcECyvBV\daRcECyvBV.vbs [2017-02-16] () <==== ATTENTION

EmptyTemp:
ResetHosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

MartinKovac
Visitor
Posts: 7
Registered: 05 Nov 2017 20:36

Re: Please help

#9 Post by MartinKovac »

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by Administrator (11-11-2017 11:52:12) Run:1
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Martin & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {54499fa1-06ab-11e5-bf99-94dbc9b6447c} - "F:\setup.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {76177690-da4e-11e6-bfef-94dbc9b6447c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {835f2f19-4d4e-11e7-bfff-94dbc9b6447c} - "F:\Autorun.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {ba31d897-a79a-11e6-bfec-94dbc9b6447c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-135797651-574853151-142966405-500\...\MountPoints2: {d917ab0f-da65-11e6-bfef-94dbc9b6447c} - "F:\HiSuiteDownLoader.exe"
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Microsoft\Internet Explorer\Main,Start Page =
URLSearchHook: HKU\S-1-5-21-135797651-574853151-142966405-500 - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No File
URLSearchHook: HKU\S-1-5-21-135797651-574853151-142966405-500 - (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No File
SearchScopes: HKLM-x32 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.mywebsearch.com/mywebsear ... .jhtml?p2=^UX^xdm007^YY^sk&si=COe2j4bck7cCFQbHtAod_wIApA&ptb=71FDE265-44D6-49DD-B1B8-79EDC1EE6478&ind=2013051314&n=77fcb9b2&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-135797651-574853151-142966405-500 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.mywebsearch.com/mywebsear ... .jhtml?p2=^UX^xdm007^YY^sk&si=COe2j4bck7cCFQbHtAod_wIApA&ptb=71FDE265-44D6-49DD-B1B8-79EDC1EE6478&ind=2013051314&n=77fcb9b2&psa=&st=sb&searchfor={searchTerms}
BHO-x32: No Name -> {71c1d63a-c944-428a-a5bd-ba513190e5d2} -> No File
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Toolbar: HKU\S-1-5-21-135797651-574853151-142966405-500 -> No Name - {364EA597-E728-4CE4-BB4A-ED846EF47970} - No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf4012839a34.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d090863edbc59d.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4b3aa5c703a2.job
C:\WINDOWS\SysWOW64\acovcnt.exe
C:\ProgramData\lvociw.pad
C:\ProgramData\lvociw.reg
C:\ProgramData\rundll32.exe
Akamai NetSession Interface (HKU\S-1-5-21-135797651-574853151-142966405-500\...\Akamai)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
Task: {DBC6BC9C-479E-41CD-874C-DB9392718AE4} - System32\Tasks\daRcECyvBV => C:\daRcECyvBVdaRcECyvBV\daRcECyvBV.vbs [2017-02-16] () <==== ATTENTION

EmptyTemp:
ResetHosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-135797651-574853151-142966405-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54499fa1-06ab-11e5-bf99-94dbc9b6447c} => key removed successfully
HKLM\Software\Classes\CLSID\{54499fa1-06ab-11e5-bf99-94dbc9b6447c} => key not found.
HKU\S-1-5-21-135797651-574853151-142966405-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76177690-da4e-11e6-bfef-94dbc9b6447c} => key removed successfully
HKLM\Software\Classes\CLSID\{76177690-da4e-11e6-bfef-94dbc9b6447c} => key not found.
HKU\S-1-5-21-135797651-574853151-142966405-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{835f2f19-4d4e-11e7-bfff-94dbc9b6447c} => key removed successfully
HKLM\Software\Classes\CLSID\{835f2f19-4d4e-11e7-bfff-94dbc9b6447c} => key not found.
HKU\S-1-5-21-135797651-574853151-142966405-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba31d897-a79a-11e6-bfec-94dbc9b6447c} => key removed successfully
HKLM\Software\Classes\CLSID\{ba31d897-a79a-11e6-bfec-94dbc9b6447c} => key not found.
HKU\S-1-5-21-135797651-574853151-142966405-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d917ab0f-da65-11e6-bfef-94dbc9b6447c} => key removed successfully
HKLM\Software\Classes\CLSID\{d917ab0f-da65-11e6-bfef-94dbc9b6447c} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} => value removed successfully
HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{26842a09-ffa8-4e2c-ae12-0c80f01c3295} => value not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{b0441a0e-a49a-4e16-afc1-74ecced1921f} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => key removed successfully
HKLM\Software\Classes\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => key not found.
HKU\S-1-5-21-135797651-574853151-142966405-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-135797651-574853151-142966405-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-135797651-574853151-142966405-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => key removed successfully
HKLM\Software\Classes\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => key not found.
HKU\S-1-5-21-135797651-574853151-142966405-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f} => key removed successfully
HKLM\Software\Classes\CLSID\{b0441a0e-a49a-4e16-afc1-74ecced1921f} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71c1d63a-c944-428a-a5bd-ba513190e5d2} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{71c1d63a-c944-428a-a5bd-ba513190e5d2} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
HKU\S-1-5-21-135797651-574853151-142966405-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{364EA597-E728-4CE4-BB4A-ED846EF47970} => value removed successfully
HKLM\Software\Classes\CLSID\{364EA597-E728-4CE4-BB4A-ED846EF47970} => key not found.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf4012839a34.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d090863edbc59d.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf4b3aa5c703a2.job => moved successfully
C:\WINDOWS\SysWOW64\acovcnt.exe => moved successfully
C:\ProgramData\lvociw.pad => moved successfully
C:\ProgramData\lvociw.reg => moved successfully
C:\ProgramData\rundll32.exe => moved successfully
Akamai NetSession Interface (HKU\S-1-5-21-135797651-574853151-142966405-500\...\Akamai) => Error: No automatic fix found for this entry.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Advanced SystemCare => key removed successfully
HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D} => key removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation => key removed successfully
HKLM\Software\Classes\CLSID\{FEB746CA-95C2-485F-B386-C30D4E56D22E} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DBC6BC9C-479E-41CD-874C-DB9392718AE4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBC6BC9C-479E-41CD-874C-DB9392718AE4} => key removed successfully
C:\WINDOWS\System32\Tasks\daRcECyvBV => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\daRcECyvBV => key removed successfully
ResetHosts: => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 67111895 B
Java, Flash, Steam htmlcache => 1701 B
Windows/system/drivers => 8325485 B
Edge => 0 B
Chrome => 368531932 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 4228 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 1461828 B
NetworkService => 83455 B
Martin => 848261 B
Administrator => 106662773 B

RecycleBin => 25823699 B
EmptyTemp: => 560 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:59:04 ====

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help

#10 Post by Rudy »

Deleted. Has anything changed?

MartinKovac
Visitor
Posts: 7
Registered: 05 Nov 2017 20:36

Re: Please help

#11 Post by MartinKovac »

Yes, the PC runs faster, no unwanted things start after boot any more, and it no longer overheats. winnet32b is still there, but it no longer loads my PC the way it did before ... before, it was using the processor at 92%, now at most 10%.

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help

#12 Post by Rudy »

Then it's OK. Winnet32 is a system file.

MartinKovac
Visitor
Posts: 7
Registered: 05 Nov 2017 20:36

Re: Please help

#13 Post by MartinKovac »

OK then, I just didn't know why it was loading my processor so much ..... thank you, you helped me a lot, I will definitely recommend your site to friends.

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help

#14 Post by Rudy »

Apparently there was something in that "junk" that was overloading it. You're welcome, and thank you for spreading the word! :)

Locked