Preventive check - slow notebook

Not having any problem with your PC at the moment and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

stelinka
Visitor
Posts: 125
Registered: 06 Apr 2013 10:27

#1 Post by stelinka »

Good day. Please check this for me. The notebook was bought recently and, all in all, is used quite little, but it is incredibly slow. This mainly concerns use on the internet, and I assume it is not the fault of the network, since the internet on a mobile phone or a tablet is much faster. Thank you for your help.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Viera at 2017-06-26 13:16:20
Microsoft Windows 10 Home
System drive C: has 140 GB (74%) free of 190 GB
Total RAM: 4000 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:16:42, on 26.06.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0962)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Viera\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files\trend micro\Viera.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Viera\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: avast! SecureLine.lnk = C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: McAfee Application Installer Cleanup (0041131494528973) (0041131494528973mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\004113~1.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ClientAnalyticsService - Intel Security - C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem9.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: WPS Office Update Service (Kingsoft_WPS_UpdateService) - Zhuhai Kingsoft Office Software Co.,Ltd - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
O23 - Service: McAfee Boot Delay Start Service (mcbootdelaystartsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Soda PDF Desktop - LULU Software - C:\Program Files\Soda PDF Desktop\ws.exe
O23 - Service: Soda PDF Desktop CrashHandler - LULU Software - C:\Program Files\Soda PDF Desktop\crash-handler-ws.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15979 bytes

======Listing Processes======








C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-87db55f1-0e78-4d1c-ae65-258b2922c9fd -SystemEventPortName:HostProcess-d1b8a06c-40ea-4cac-bcc0-c98d264c2233 -IoCancelEventPortName:HostProcess-b27a7e28-948a-4db2-888e-8c0a0fbc322a -NonStateChangingEventPortName:HostProcess-2732923a-3363-4c35-8240-c71f6a417b65 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:26a91ba5-5981-4c7c-8d25-e20034c4f128 -DeviceGroupId:
C:\Windows\system32\igfxCUIService.exe
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"

C:\Windows\system32\svchost.exe -k appmodel
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\SysWOW64\esif_uf.exe
"C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe"
"C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe"
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
dashost.exe {b3ba197b-31a7-4497-bd53aca00bb83338}
C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe"
"C:\Windows\system32\mfevtps.exe" -mms
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" -mms
"C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"

C:\Windows\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\TEMP\DPTF\esif_assist_64.exe"
sihost.exe
"C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe" /startUserModeHosting=6_TIME_TO_DIE
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
igfxEM.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
igfxHK.exe
igfxTray.exe
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
AvastUI.exe /nogui
"C:\Users\Viera\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\AVAST Software\SecureLine\SecureLine.exe" /nogui
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Windows\System32\NetworkUXBroker.exe" -ServerName:Windows.Networking.UX
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
"fontdrvhost.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -critical
"C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe"
/S
C:\Windows\system32\SettingSyncHost.exe -Embedding
taskeng.exe {B1F0FD33-9AE4-42D4-8D4E-E7DD4E318D6E}
"c:\PROGRA~1\COMMON~1\mcafee\updmgr\404017~1.4\MCUPDA~1.EXE" -Embedding
"C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /simplemode /platui
"C:\PROGRA~1\COMMON~1\McAfee\Platform\MSM\McSmtFwk.exe" {CF10C3DD-7FC1-476f-8546-A12D7DA24BBF}|{bc3ef167-4296-47d4-b2bd-b89e23d74621}
"c:\program files (x86)\common files\mcafee\installer\10.0.4003.0\mcinst.exe" /install msclibkupd.inf
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe32_ Global\UsGthrCtrlFltPipeMssGthrPipe32 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 592 620 628 8192 624

"C:\Users\Viera\Downloads\RSITx64.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe"
"C:\Program Files\Common Files\Intel Security\PEF\Installer\InstallPEF.exe" /appid:WSS
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}



======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\WpsNotifyTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe -from=task
C:\Windows\tasks\WpsUpdateTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe -from=task

=========Mozilla firefox=========

ProfilePath - C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\3zirh5n2.default

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2017-05-16 189288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-06-17 149704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2017-05-16 160192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-17 2101440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-12 2655520]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-05-10 213824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Viera\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-06-22 1555664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [2015-12-24 63272]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
avast! SecureLine.lnk - C:\Program Files\AVAST Software\SecureLine\SecureLine.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfencbdc.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeplk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeplk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ModuleCoreService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-06-26 13:16:22 ----D---- C:\Program Files\trend micro
2017-06-26 13:16:20 ----D---- C:\rsit
2017-06-21 13:33:11 ----D---- C:\ProgramData\SWCUTemp
2017-06-17 18:28:56 ----D---- C:\Program Files\Common Files\DESIGNER
2017-06-15 21:46:32 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-06-15 21:46:32 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-06-15 21:46:32 ----A---- C:\Windows\system32\mssrch.dll
2017-06-15 21:46:31 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-06-15 21:46:31 ----A---- C:\Windows\SYSWOW64\apprepapi.dll
2017-06-15 21:46:31 ----A---- C:\Windows\system32\tquery.dll
2017-06-15 21:46:30 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-06-15 21:46:30 ----A---- C:\Windows\SYSWOW64\apprepsync.dll
2017-06-15 21:46:29 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2017-06-15 21:46:29 ----A---- C:\Windows\SYSWOW64\mos.dll
2017-06-15 21:46:28 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-06-15 21:46:28 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2017-06-15 21:46:28 ----A---- C:\Windows\SYSWOW64\CoreMessaging.dll
2017-06-15 21:46:28 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-06-15 21:46:27 ----A---- C:\Windows\SYSWOW64\IdCtrls.dll
2017-06-15 21:46:26 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2017-06-15 21:46:25 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2017-06-15 21:46:23 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-06-15 21:46:23 ----A---- C:\Windows\SYSWOW64\CoreUIComponents.dll
2017-06-15 21:46:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-06-15 21:46:22 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2017-06-15 21:46:21 ----A---- C:\Windows\SYSWOW64\WWAHost.exe
2017-06-15 21:46:21 ----A---- C:\Windows\SYSWOW64\oemlicense.dll
2017-06-15 21:46:21 ----A---- C:\Windows\SYSWOW64\licensingdiag.exe
2017-06-15 21:46:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-06-15 21:46:20 ----A---- C:\Windows\SYSWOW64\fontdrvhost.exe
2017-06-15 21:46:19 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2017-06-15 21:46:18 ----A---- C:\Windows\SYSWOW64\shell32.dll
2017-06-15 21:46:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2017-06-15 21:46:11 ----A---- C:\Windows\SYSWOW64\GamePanel.exe
2017-06-15 21:46:11 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-06-15 21:46:10 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-06-15 21:46:09 ----A---- C:\Windows\SYSWOW64\UserDataTimeUtil.dll
2017-06-15 21:46:09 ----A---- C:\Windows\SYSWOW64\AzureSettingSyncProvider.dll
2017-06-15 21:46:09 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-06-15 21:46:09 ----A---- C:\Windows\system32\drivers\BasicRender.sys
2017-06-15 21:46:07 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe
2017-06-15 21:46:06 ----A---- C:\Windows\SYSWOW64\OneDriveSettingSyncProvider.dll
2017-06-15 21:46:05 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2017-06-15 21:46:04 ----A---- C:\Windows\SYSWOW64\certutil.exe
2017-06-15 21:45:59 ----A---- C:\Windows\SYSWOW64\WSSync.dll
2017-06-15 21:45:59 ----A---- C:\Windows\SYSWOW64\certenc.dll
2017-06-15 21:45:58 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-06-15 21:45:56 ----A---- C:\Windows\system32\sppsvc.exe
2017-06-15 21:45:55 ----A---- C:\Windows\system32\wuaueng.dll
2017-06-15 21:45:55 ----A---- C:\Windows\system32\CertEnroll.dll
2017-06-15 21:45:53 ----A---- C:\Windows\system32\UserDataTimeUtil.dll
2017-06-15 21:45:53 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-06-15 21:45:53 ----A---- C:\Windows\system32\AzureSettingSyncProvider.dll
2017-06-15 21:45:11 ----A---- C:\Windows\SYSWOW64\WpcWebFilter.dll
2017-06-15 21:45:11 ----A---- C:\Windows\system32\WpcWebFilter.dll
2017-06-15 21:45:10 ----A---- C:\Windows\system32\rdpudd.dll
2017-06-15 21:45:09 ----A---- C:\Windows\system32\IKEEXT.DLL
2017-06-15 21:45:09 ----A---- C:\Windows\system32\dbgeng.dll
2017-06-15 21:45:08 ----A---- C:\Windows\system32\win32spl.dll
2017-06-15 21:45:08 ----A---- C:\Windows\system32\localspl.dll
2017-06-15 21:45:07 ----A---- C:\Windows\system32\mos.dll
2017-06-15 21:45:06 ----A---- C:\Windows\system32\shell32.dll
2017-06-15 21:45:00 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-06-15 21:45:00 ----A---- C:\Windows\system32\mfps.dll
2017-06-15 21:44:59 ----A---- C:\Windows\system32\Windows.Media.Streaming.ps.dll
2017-06-15 21:44:57 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2017-06-15 21:44:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-06-15 21:44:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-06-15 21:44:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-06-15 21:44:46 ----A---- C:\Windows\SYSWOW64\ieproxy.dll
2017-06-15 21:44:46 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-06-15 21:44:46 ----A---- C:\Windows\system32\WSSync.dll
2017-06-15 21:44:45 ----A---- C:\Windows\system32\jscript9.dll
2017-06-15 21:44:44 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2017-06-15 21:44:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-06-15 21:44:43 ----A---- C:\Windows\system32\msfeeds.dll
2017-06-15 21:44:41 ----A---- C:\Windows\system32\urlmon.dll
2017-06-15 21:44:41 ----A---- C:\Windows\system32\odbcconf.dll
2017-06-15 21:44:40 ----A---- C:\Windows\system32\WUDFPlatform.dll
2017-06-15 21:44:40 ----A---- C:\Windows\system32\ieapfltr.dll
2017-06-15 21:44:39 ----A---- C:\Windows\system32\WSShared.dll
2017-06-15 21:44:39 ----A---- C:\Windows\system32\WSService.dll
2017-06-15 21:44:39 ----A---- C:\Windows\system32\kerberos.dll
2017-06-15 21:44:36 ----A---- C:\Windows\system32\aadtb.dll
2017-06-15 21:44:35 ----A---- C:\Windows\system32\ieproxy.dll
2017-06-15 21:44:35 ----A---- C:\Windows\system32\Chakra.dll
2017-06-15 21:44:33 ----A---- C:\Windows\system32\ieframe.dll
2017-06-15 21:44:32 ----A---- C:\Windows\system32\edgehtml.dll
2017-06-15 21:44:29 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-06-15 21:44:28 ----A---- C:\Windows\HelpPane.exe
2017-06-15 21:44:27 ----A---- C:\Windows\system32\DWrite.dll
2017-06-15 21:44:27 ----A---- C:\Windows\system32\comsvcs.dll
2017-06-15 21:44:26 ----A---- C:\Windows\system32\CoreUIComponents.dll
2017-06-15 21:44:25 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2017-06-15 21:44:24 ----A---- C:\Windows\system32\mshtml.dll
2017-06-15 21:44:17 ----A---- C:\Windows\system32\DeviceCensus.exe
2017-06-15 21:44:17 ----A---- C:\Windows\system32\dcntel.dll
2017-06-15 21:44:16 ----A---- C:\Windows\system32\tzres.dll
2017-06-15 21:44:16 ----A---- C:\Windows\system32\MSVP9DEC.dll
2017-06-15 21:44:15 ----A---- C:\Windows\system32\SettingSyncHost.exe
2017-06-15 21:44:15 ----A---- C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-06-15 21:44:15 ----A---- C:\Windows\system32\IdCtrls.dll
2017-06-15 21:44:14 ----A---- C:\Windows\system32\CoreMessaging.dll
2017-06-15 21:44:12 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-15 21:44:10 ----A---- C:\Windows\system32\oemlicense.dll
2017-06-15 21:44:09 ----A---- C:\Windows\system32\winsrv.dll
2017-06-15 21:44:09 ----A---- C:\Windows\system32\drivers\tm.sys
2017-06-15 21:44:09 ----A---- C:\Windows\system32\ClipSVC.dll
2017-06-15 21:44:09 ----A---- C:\Windows\system32\atmfd.dll
2017-06-15 21:44:08 ----A---- C:\Windows\system32\vss_ps.dll
2017-06-15 21:44:08 ----A---- C:\Windows\system32\sppwinob.dll
2017-06-15 21:44:08 ----A---- C:\Windows\system32\fontdrvhost.exe
2017-06-15 21:44:08 ----A---- C:\Windows\system32\ClipUp.exe
2017-06-15 21:44:08 ----A---- C:\Windows\system32\apprepapi.dll
2017-06-15 21:44:07 ----A---- C:\Windows\system32\win32kbase.sys
2017-06-15 21:44:07 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-06-15 21:44:06 ----A---- C:\Windows\system32\gdi32.dll
2017-06-15 21:44:05 ----A---- C:\Windows\system32\sppobjs.dll
2017-06-15 21:44:05 ----A---- C:\Windows\system32\apprepsync.dll
2017-06-15 21:44:04 ----A---- C:\Windows\system32\fdProxy.dll
2017-06-15 21:44:03 ----A---- C:\Windows\system32\win32kfull.sys
2017-06-15 21:44:02 ----A---- C:\Windows\system32\FntCache.dll
2017-06-15 21:44:02 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2017-06-15 21:43:54 ----A---- C:\Windows\system32\invagent.dll
2017-06-15 21:43:54 ----A---- C:\Windows\system32\devinv.dll
2017-06-15 21:43:54 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-06-15 21:43:54 ----A---- C:\Windows\system32\aeinv.dll
2017-06-15 21:43:54 ----A---- C:\Windows\system32\acmigration.dll
2017-06-15 21:43:53 ----A---- C:\Windows\system32\generaltel.dll
2017-06-15 21:43:53 ----A---- C:\Windows\system32\appraiser.dll
2017-06-15 21:43:52 ----A---- C:\Windows\system32\reseteng.dll
2017-06-15 21:43:51 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2017-06-15 21:43:51 ----A---- C:\Windows\system32\UIRibbonRes.dll
2017-06-15 21:43:51 ----A---- C:\Windows\system32\GamePanel.exe
2017-06-15 21:43:50 ----A---- C:\Windows\system32\licensingdiag.exe
2017-06-15 21:43:50 ----A---- C:\Windows\system32\certcli.dll
2017-06-15 21:43:49 ----A---- C:\Windows\system32\aepic.dll
2017-06-15 21:43:48 ----A---- C:\Windows\system32\certutil.exe
2017-06-15 21:43:48 ----A---- C:\Windows\system32\atmlib.dll
2017-06-15 21:43:46 ----A---- C:\Windows\system32\certenc.dll
2017-06-10 08:57:07 ----A---- C:\Windows\system32\drivers\lpsport.sys

======List of files/folders modified in the last 1 month======

2017-06-26 13:16:36 ----D---- C:\Windows\Temp
2017-06-26 13:16:31 ----RD---- C:\Windows\assembly
2017-06-26 13:16:22 ----RD---- C:\Program Files
2017-06-26 13:15:39 ----D---- C:\Windows\system32\Tasks
2017-06-26 13:12:39 ----D---- C:\Windows\system32\drivers
2017-06-26 13:08:06 ----D---- C:\Windows\system32\sru
2017-06-26 13:07:12 ----D---- C:\Windows\Prefetch
2017-06-26 13:05:23 ----D---- C:\Windows\system32\NDF
2017-06-26 13:00:23 ----D---- C:\Windows\System32
2017-06-26 13:00:23 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-25 12:01:58 ----HD---- C:\Program Files\WindowsApps
2017-06-25 11:58:04 ----D---- C:\Windows\INF
2017-06-22 16:56:09 ----D---- C:\Windows\AppReadiness
2017-06-21 13:33:11 ----HD---- C:\ProgramData
2017-06-21 13:30:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-21 13:30:20 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-06-21 10:18:22 ----D---- C:\Windows\system32\config
2017-06-21 10:02:34 ----D---- C:\Windows\CbsTemp
2017-06-21 09:47:51 ----SHD---- C:\Windows\Installer
2017-06-21 09:41:06 ----AD---- C:\Program Files\Microsoft Office
2017-06-21 09:17:54 ----D---- C:\Windows\Microsoft.NET
2017-06-21 09:17:53 ----D---- C:\Windows\WinSxS
2017-06-21 09:16:25 ----D---- C:\Windows\system32\DriverStore
2017-06-17 19:57:53 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-06-17 19:57:53 ----D---- C:\Windows\SysWOW64
2017-06-17 19:57:47 ----D---- C:\Windows\system32\sk-SK
2017-06-17 19:57:47 ----D---- C:\Windows\system32\migration
2017-06-17 19:57:47 ----D---- C:\Windows\system32\appraiser
2017-06-17 19:57:39 ----RD---- C:\Windows\ImmersiveControlPanel
2017-06-17 19:57:39 ----D---- C:\Program Files\Windows Photo Viewer
2017-06-17 19:57:39 ----D---- C:\Program Files\Windows Defender
2017-06-17 19:57:39 ----D---- C:\Program Files\Internet Explorer
2017-06-17 19:57:39 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-06-17 19:57:39 ----D---- C:\Program Files (x86)\Windows Defender
2017-06-17 19:57:39 ----D---- C:\Program Files (x86)\Internet Explorer
2017-06-17 19:57:39 ----AD---- C:\Windows
2017-06-17 18:30:04 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-06-17 18:28:56 ----D---- C:\Program Files\Common Files
2017-06-17 18:28:56 ----AD---- C:\Program Files\Common Files\microsoft shared
2017-06-17 17:55:21 ----D---- C:\Windows\system32\Macromed
2017-06-17 17:55:16 ----D---- C:\Windows\SYSWOW64\Macromed
2017-06-17 17:54:57 ----D---- C:\Windows\system32\MRT
2017-06-16 21:35:20 ----AC---- C:\Windows\system32\MRT.exe
2017-06-16 21:18:36 ----SHD---- C:\System Volume Information
2017-06-16 16:19:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-06-13 22:09:36 ----D---- C:\Windows\system32\catroot2
2017-06-09 21:05:20 ----D---- C:\Windows\system32\CatRoot
2017-06-09 21:02:34 ----D---- C:\Program Files (x86)\ASUS
2017-06-09 21:01:38 ----AD---- C:\Program Files (x86)\Farming Simulator 2013 Demo
2017-06-03 15:14:46 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll
2017-06-03 05:07:31 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-05-29 21:24:06 ----D---- C:\Windows\Panther

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2015-05-25 21816]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-05-10 190256]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-05-10 334576]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-05-10 49016]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-05-10 75704]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-05-10 339696]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2017-01-20 923640]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2017-01-20 254800]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-05-10 311808]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-05-10 32600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-05-10 101152]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-05-10 1007160]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-05-10 569192]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-05-08 20096]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2015-05-08 18048]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-05-10 128648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-05-17 158880]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-10-30 47616]
R3 AsusSGDrv;@oem16.inf,%AsusSGDrv.SvcDesc%;ASUS Touch Service; C:\Windows\system32\DRIVERS\AsusSGDrv.sys [2015-12-18 141304]
R3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-05-10 38296]
R3 athr;@oem14.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athw10x.sys [2015-09-08 4323976]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2015-07-29 601624]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\drivers\BTHUSB.sys [2016-08-03 84992]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2015-08-17 53752]
R3 esif_lf;esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [2015-08-17 261624]
R3 HIDSwitch;@oem17.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2015-08-19 27872]
R3 iagpioe;@oem4.inf,%iagpioe.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpioe.sys [2015-06-03 41984]
R3 iai2ce;iai2ce; C:\Windows\System32\drivers\iai2ce.sys [2015-06-03 89592]
R3 igfxLP;igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [2015-10-26 5906320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-12-14 4705536]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-10-26 475384]
R3 mfeaack;McAfee Inc. mfeaack; C:\Windows\system32\drivers\mfeaack.sys [2017-01-20 487184]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2017-01-20 366328]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2017-01-20 518704]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2017-01-19 498648]
R3 mfeplk;McAfee Inc. mfeplk; C:\Windows\system32\drivers\mfeplk.sys [2017-01-20 110256]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-11-04 11202192]
R3 rt640x64;@oem13.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2015-07-15 887552]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2017-04-03 85048]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2015-10-30 1146880]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\Windows\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2016-08-03 112640]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2016-03-29 245760]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2016-08-03 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\drivers\BTHport.sys [2016-08-03 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-11-22 117248]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2017-01-20 88464]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\System32\drivers\e1i63x64.sys [2015-10-30 472576]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2016-10-25 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2017-04-01 225432]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2017-01-19 109320]
S3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-06-06 46240]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\System32\drivers\Netwsw00.sys [2015-10-30 11518976]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2016-08-03 181248]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2015-07-22 123704]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [2015-12-24 75264]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2015-07-29 323152]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2015-04-01 107320]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-05-10 263304]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-06-10 4122816]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 esifsvc;@oem9.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-08-17 1385640]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-12-22 349728]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-10-26 353896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2015-04-21 174368]
R2 Kingsoft_WPS_UpdateService;WPS Office Update Service; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [2016-04-03 133480]
R2 McAPExe;McAfee AP Service; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [2017-04-04 994312]
R2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2017-02-28 2054080]
R2 mfemms;McAfee Service Controller; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [2017-01-18 385112]
R2 ModuleCoreService;McAfee Module Core Service; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [2017-02-26 1551512]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-10-30 1255728]
R2 OneSyncSvc_1750dde;Sync Host_1750dde; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 PEFService;Intel Security PEF Service; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2017-04-21 1105840]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2017-03-10 592392]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-05-10 7346208]
R3 ClientAnalyticsService;ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [2017-03-29 1752992]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R3 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2017-01-18 241040]
R3 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2017-01-18 343792]
R3 PimIndexMaintenanceSvc_1750dde;Kontaktné údaje_1750dde; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 0041131494528973mcinstcleanup;McAfee Application Installer Cleanup (0041131494528973); C:\Windows\TEMP\004113~1.EXE [2017-02-09 1030904]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-10 143144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-08 153752]
S2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2017-02-22 641520]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S2 mcbootdelaystartsvc;McAfee Boot Delay Start Service; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2017-02-22 641520]
S2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2017-02-22 641520]
S2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2017-02-22 641520]
S2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2017-02-22 641520]
S2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2017-02-22 641520]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_10670821;Sync Host_10670821; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1245ce4;Sync Host_1245ce4; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_27b87;Sync Host_27b87; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_293afb;Sync Host_293afb; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_35cf5c2;Sync Host_35cf5c2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3a8d504;Sync Host_3a8d504; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_405abf3;Sync Host_405abf3; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_5d00393;Sync Host_5d00393; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_5e0226f;Sync Host_5e0226f; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-10-26 282216]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-10 143144]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2015-12-22 209952]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-08 153752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2015-05-22 881152]
S3 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2017-05-16 188256]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2015-07-03 379896]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2017-02-24 1344472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_10670821;MessagingService_10670821; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1245ce4;MessagingService_1245ce4; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1750dde;MessagingService_1750dde; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_27b87;MessagingService_27b87; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_293afb;MessagingService_293afb; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_35cf5c2;MessagingService_35cf5c2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3a8d504;MessagingService_3a8d504; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_405abf3;MessagingService_405abf3; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_5d00393;MessagingService_5d00393; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_5e0226f;MessagingService_5e0226f; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-21 175560]
S3 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2017-02-22 641520]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-06-10 257224]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_10670821;Kontaktné údaje_10670821; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1245ce4;Kontaktné údaje_1245ce4; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_27b87;Kontaktné údaje_27b87; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_293afb;Kontaktné údaje_293afb; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_35cf5c2;Kontaktné údaje_35cf5c2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3a8d504;Kontaktné údaje_3a8d504; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_405abf3;Kontaktné údaje_405abf3; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_5d00393;Kontaktné údaje_5d00393; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_5e0226f;Kontaktné údaje_5e0226f; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2017-03-04 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 Soda PDF Desktop;Soda PDF Desktop; C:\Program Files\Soda PDF Desktop\ws.exe [2017-01-25 2581864]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S4 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2017-02-22 641520]

-----------------EOF-----------------

stelinka
Visitor
Posts: 125
Registered: 06 Apr 2013 10:27

Re: preventive check - slow notebook

#2 Post by stelinka »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01
Ran by Viera (administrator) on DESKTOP-OI19R8T (26-06-2017 13:27:37)
Running from C:\Users\Viera\Downloads
Loaded Profiles: Viera (Available Profiles: Viera)
Platform: Windows 10 Home Version 1511 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSPanel.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\msm\McS30B0.tmp
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\McCSPServiceHost.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-10] (AVAST Software)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] ()
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-10] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2016-06-27]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.20 192.168.3.105
Tcpip\..\Interfaces\{718cfead-907c-424b-b653-8e0787549631}: [DhcpNameServer] 192.168.1.20 192.168.3.105
Tcpip\..\Interfaces\{a96c6131-756c-4f9b-9a80-14b10cc17600}: [DhcpNameServer] 40.51.1.14

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3828171548-469387793-79912557-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3828171548-469387793-79912557-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-06-17] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-17] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-17] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-17] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-17] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-17] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-06-17] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-05-16] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-04-17] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-04-17] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: 3zirh5n2.default
FF ProfilePath: C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\3zirh5n2.default [2017-06-26]
FF Extension: (Avast SafePrice) - C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\3zirh5n2.default\Extensions\sp@avast.com.xpi [2017-06-01]
FF Extension: (Avast Online Security) - C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\3zirh5n2.default\Extensions\wrc@avast.com.xpi [2017-06-01]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-18]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-31] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-17] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-04-17] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-17] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-04-17] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-05-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default [2017-06-21]
CHR Extension: (Prezentácie Google) - C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-08]
CHR Extension: (Dokumenty Google) - C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-08]
CHR Extension: (Disk Google) - C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-08]
CHR Extension: (YouTube) - C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-08]
CHR Extension: (Avast SafePrice) - C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-04-08]
CHR Extension: (Tabuľky Google) - C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-08]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-05-31]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-15]
CHR Extension: (Avast Online Security) - C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-08]
CHR Extension: (Gmail) - C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-08]
CHR Extension: (Chrome Media Router) - C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-21]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0041131494528973mcinstcleanup; C:\Windows\TEMP\004113~1.EXE [1030904 2017-02-09] (McAfee, Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-10] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-10] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122816 2017-06-10] (Microsoft Corporation)
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-10] (Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [353896 2015-10-26] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-04-03] (Zhuhai Kingsoft Office Software Co.,Ltd)
R3 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188256 2017-05-16] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [994312 2017-04-04] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [379896 2015-07-03] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2054080 2017-02-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [1344472 2017-02-24] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2017-01-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [385112 2017-01-18] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [343792 2017-01-18] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1551512 2017-02-26] (McAfee, Inc.)
R3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1105840 2017-04-21] (Intel Security, Inc.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2017-03-10] ()
S3 Soda PDF Desktop; C:\Program Files\Soda PDF Desktop\ws.exe [2581864 2017-01-25] (LULU Software)
S3 Soda PDF Desktop CrashHandler; C:\Program Files\Soda PDF Desktop\crash-handler-ws.exe [931176 2017-01-25] (LULU Software)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-06-03] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusSGDrv; C:\Windows\system32\DRIVERS\AsusSGDrv.sys [141304 2015-12-18] (ASUS Corporation)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-10] (AVAST Software s.r.o.)
R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-10] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-05-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-10] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-17] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-10] (AVAST Software)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4323976 2015-09-08] (Qualcomm Atheros Communications, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88464 2017-01-20] (McAfee, Inc.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [225432 2017-04-01] (McAfee, Inc.)
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-03] (Intel(R) Corporation)
R3 iai2ce; C:\Windows\System32\drivers\iai2ce.sys [89592 2015-06-03] (Intel(R) Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5906320 2015-10-26] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [487184 2017-01-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366328 2017-01-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2017-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518704 2017-01-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [923640 2017-01-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498648 2017-01-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109320 2017-01-19] (McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110256 2017-01-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2017-01-20] (McAfee, Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U1 aswbdisk; no ImagePath
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-26 13:27 - 2017-06-26 13:32 - 00025950 _____ C:\Users\Viera\Downloads\FRST.txt
2017-06-26 13:25 - 2017-06-26 13:27 - 00000000 ____D C:\FRST
2017-06-26 13:25 - 2017-06-26 13:25 - 02441216 _____ (Farbar) C:\Users\Viera\Downloads\FRST64.exe
2017-06-26 13:23 - 2017-06-26 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-06-26 13:16 - 2017-06-26 13:17 - 00000000 ____D C:\rsit
2017-06-26 13:16 - 2017-06-26 13:16 - 00000000 ____D C:\Program Files\trend micro
2017-06-26 13:15 - 2017-06-26 13:16 - 01222144 _____ C:\Users\Viera\Downloads\RSITx64.exe
2017-06-25 17:03 - 2017-06-26 13:03 - 00004034 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-06-23 15:51 - 2017-06-26 13:03 - 00003550 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-06-21 13:33 - 2017-06-21 13:33 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-21 09:24 - 2017-06-25 17:06 - 00004222 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-06-17 18:28 - 2017-06-17 18:28 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-06-15 21:46 - 2017-06-03 14:51 - 01862008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-06-15 21:46 - 2017-06-03 13:48 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-06-15 21:46 - 2017-06-03 13:45 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-06-15 21:46 - 2017-06-03 13:44 - 21123320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-15 21:46 - 2017-06-03 13:39 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-15 21:46 - 2017-06-03 13:14 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-15 21:46 - 2017-06-03 13:13 - 00546968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-06-15 21:46 - 2017-06-03 13:11 - 01368176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-06-15 21:46 - 2017-06-03 12:43 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-06-15 21:46 - 2017-06-03 12:40 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-15 21:46 - 2017-06-03 12:34 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-15 21:46 - 2017-06-03 12:33 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-06-15 21:46 - 2017-06-03 12:31 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-15 21:46 - 2017-06-03 12:14 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2017-06-15 21:46 - 2017-06-03 12:09 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2017-06-15 21:46 - 2017-06-03 12:05 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-06-15 21:46 - 2017-06-03 12:04 - 00190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-06-15 21:46 - 2017-06-03 12:03 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-15 21:46 - 2017-06-03 12:01 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2017-06-15 21:46 - 2017-06-03 11:55 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-06-15 21:46 - 2017-06-03 11:50 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-15 21:46 - 2017-06-03 11:49 - 01151488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-06-15 21:46 - 2017-06-03 11:49 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-15 21:46 - 2017-06-03 11:44 - 00760320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-15 21:46 - 2017-06-03 11:43 - 00805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2017-06-15 21:46 - 2017-06-03 11:41 - 03695104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-15 21:46 - 2017-06-03 11:41 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-06-15 21:46 - 2017-06-03 11:40 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2017-06-15 21:46 - 2017-06-03 11:34 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-15 21:46 - 2017-06-03 11:27 - 04078080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-06-15 21:46 - 2017-06-03 11:19 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-06-15 21:46 - 2017-06-03 11:16 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-15 21:46 - 2017-06-03 11:14 - 06296064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-06-15 21:46 - 2017-06-03 11:05 - 03575808 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-15 21:46 - 2017-06-03 10:59 - 02771456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-15 21:46 - 2017-06-03 10:56 - 04404736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2017-06-15 21:46 - 2017-06-03 10:55 - 05326848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-15 21:46 - 2017-06-03 10:51 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-06-15 21:46 - 2017-06-03 10:48 - 00339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-06-15 21:46 - 2017-06-03 10:23 - 00461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-06-15 21:45 - 2017-06-03 15:34 - 00118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-15 21:45 - 2017-06-03 15:31 - 00989536 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2017-06-15 21:45 - 2017-06-03 14:57 - 00245848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-06-15 21:45 - 2017-06-03 14:47 - 22560744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-15 21:45 - 2017-06-03 14:45 - 06536256 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2017-06-15 21:45 - 2017-06-03 13:49 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-06-15 21:45 - 2017-06-03 13:42 - 00824320 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-06-15 21:45 - 2017-06-03 13:42 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-15 21:45 - 2017-06-03 12:55 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-06-15 21:45 - 2017-06-03 12:43 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-15 21:45 - 2017-06-03 12:36 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-06-15 21:45 - 2017-06-03 12:34 - 00572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-06-15 21:45 - 2017-06-03 12:32 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-06-15 21:45 - 2017-06-03 12:20 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2017-06-15 21:45 - 2017-06-03 12:17 - 05123072 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-06-15 21:45 - 2017-06-03 12:16 - 01121792 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-15 21:45 - 2017-06-03 12:15 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-06-15 21:45 - 2017-06-03 12:08 - 02280960 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-15 21:45 - 2017-06-03 12:01 - 07977984 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-06-15 21:45 - 2017-06-03 11:51 - 00153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2017-06-15 21:45 - 2017-06-03 11:41 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2017-06-15 21:45 - 2017-06-03 11:20 - 02911744 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-06-15 21:44 - 2017-06-03 15:51 - 00129376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-15 21:44 - 2017-06-03 15:49 - 07464288 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-15 21:44 - 2017-06-03 15:49 - 02656952 _____ C:\Windows\system32\CoreUIComponents.dll
2017-06-15 21:44 - 2017-06-03 15:46 - 00754664 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-06-15 21:44 - 2017-06-03 15:27 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2017-06-15 21:44 - 2017-06-03 14:47 - 00566112 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-06-15 21:44 - 2017-06-03 14:46 - 01540224 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-06-15 21:44 - 2017-06-03 14:46 - 00692136 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2017-06-15 21:44 - 2017-06-03 14:43 - 01128104 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2017-06-15 21:44 - 2017-06-03 14:43 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-06-15 21:44 - 2017-06-03 14:12 - 01987424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-06-15 21:44 - 2017-06-03 14:12 - 00636304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-06-15 21:44 - 2017-06-03 14:12 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-15 21:44 - 2017-06-03 14:10 - 01597520 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-06-15 21:44 - 2017-06-03 13:57 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-06-15 21:44 - 2017-06-03 13:57 - 00034656 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-06-15 21:44 - 2017-06-03 13:42 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-06-15 21:44 - 2017-06-03 13:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-06-15 21:44 - 2017-06-03 13:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-06-15 21:44 - 2017-06-03 13:40 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-06-15 21:44 - 2017-06-03 13:21 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-06-15 21:44 - 2017-06-03 13:20 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll
2017-06-15 21:44 - 2017-06-03 13:19 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.ps.dll
2017-06-15 21:44 - 2017-06-03 13:13 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2017-06-15 21:44 - 2017-06-03 13:11 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-15 21:44 - 2017-06-03 13:09 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-06-15 21:44 - 2017-06-03 13:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2017-06-15 21:44 - 2017-06-03 13:08 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-15 21:44 - 2017-06-03 13:07 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-06-15 21:44 - 2017-06-03 12:50 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2017-06-15 21:44 - 2017-06-03 12:49 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-15 21:44 - 2017-06-03 12:48 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-15 21:44 - 2017-06-03 12:48 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-06-15 21:44 - 2017-06-03 12:45 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-06-15 21:44 - 2017-06-03 12:43 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-06-15 21:44 - 2017-06-03 12:41 - 01752576 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-06-15 21:44 - 2017-06-03 12:40 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-06-15 21:44 - 2017-06-03 12:40 - 00961536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2017-06-15 21:44 - 2017-06-03 12:38 - 01663488 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-15 21:44 - 2017-06-03 12:37 - 04456448 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-15 21:44 - 2017-06-03 12:26 - 02433536 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-15 21:44 - 2017-06-03 12:20 - 03587072 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-06-15 21:44 - 2017-06-03 12:07 - 01729536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-06-15 21:44 - 2017-06-03 12:06 - 00995840 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-15 21:44 - 2017-06-03 12:05 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-15 21:44 - 2017-06-03 11:49 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-15 21:44 - 2017-06-03 11:47 - 16985600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-06-15 21:44 - 2017-06-03 11:44 - 01526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-06-15 21:44 - 2017-06-03 11:31 - 04890112 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-15 21:44 - 2017-06-03 11:30 - 22376448 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-06-15 21:44 - 2017-06-03 11:19 - 24605184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-15 21:44 - 2017-06-03 11:19 - 06977024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-15 21:44 - 2017-06-03 11:17 - 13393920 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-15 21:44 - 2017-06-03 11:05 - 07852032 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-06-15 21:44 - 2017-06-03 11:00 - 19344896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-15 21:44 - 2017-06-03 10:59 - 18672640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-06-15 21:44 - 2017-06-03 10:59 - 03660288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-15 21:44 - 2017-06-03 10:57 - 12139008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-15 21:44 - 2017-06-03 10:42 - 05670400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-06-15 21:44 - 2017-06-03 08:03 - 00448576 _____ C:\Windows\system32\ApnDatabase.xml
2017-06-15 21:44 - 2016-06-18 06:57 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll
2017-06-15 21:43 - 2017-06-03 13:57 - 01564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-15 21:43 - 2017-06-03 13:57 - 01214816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-15 21:43 - 2017-06-03 13:57 - 00629088 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-15 21:43 - 2017-06-03 13:57 - 00544096 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-15 21:43 - 2017-06-03 13:57 - 00334176 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-15 21:43 - 2017-06-03 13:57 - 00225632 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-15 21:43 - 2017-06-03 13:57 - 00136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-15 21:43 - 2017-06-03 13:57 - 00096608 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-15 21:43 - 2017-06-03 13:39 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-15 21:43 - 2017-06-03 13:32 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-06-15 21:43 - 2017-06-03 13:27 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2017-06-15 21:43 - 2017-06-03 13:02 - 00715264 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-06-15 21:43 - 2017-06-03 12:47 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-06-15 21:43 - 2017-06-03 12:35 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe
2017-06-15 21:43 - 2017-06-03 12:24 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-06-15 21:43 - 2017-06-03 11:21 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-06-15 21:43 - 2017-06-03 11:00 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-06-13 21:25 - 2017-06-13 21:25 - 00000000 ____D C:\Users\Viera\Desktop\Pochutnáva si na vašich zemiakoch Záhradkárka radí pridať do záhonov túto vec, pásavka tú vôňu nemôže vystáť!_subory
2017-06-10 08:57 - 2017-06-10 08:57 - 00061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2017-06-09 20:59 - 2017-06-09 20:59 - 00000000 ___RD C:\Users\Viera\3D Objects

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-26 13:32 - 2017-03-10 15:57 - 00000000 ____D C:\Users\Viera\AppData\Local\Packages
2017-06-26 13:17 - 2016-06-27 23:31 - 00003126 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-06-26 13:17 - 2016-06-27 23:31 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2017-06-26 13:05 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\NDF
2017-06-26 13:03 - 2017-04-13 15:24 - 00003540 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-06-26 13:03 - 2017-03-10 15:59 - 00000184 _____ C:\Users\Viera\AppData\Roaming\sp_data.sys
2017-06-26 13:03 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2017-06-26 13:01 - 2017-03-10 16:18 - 00000000 ____D C:\Users\Viera\AppData\LocalLow\Mozilla
2017-06-26 13:00 - 2017-03-10 15:57 - 00000000 __SHD C:\Users\Viera\IntelGraphicsProfiles
2017-06-26 13:00 - 2017-03-10 15:55 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-26 13:00 - 2016-04-03 06:35 - 00000944 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-06-25 12:54 - 2016-04-03 06:35 - 00000424 _____ C:\Windows\Tasks\WpsUpdateTask_Administrator.job
2017-06-25 12:52 - 2016-04-03 06:35 - 00000948 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-06-25 12:01 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-25 11:58 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2017-06-25 11:57 - 2016-04-03 06:35 - 00000424 _____ C:\Windows\Tasks\WpsNotifyTask_Administrator.job
2017-06-25 11:53 - 2015-10-30 08:28 - 00032768 ___SH C:\Windows\system32\config\ELAM
2017-06-23 15:51 - 2017-03-10 16:09 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-23 15:51 - 2017-03-10 16:06 - 00002365 _____ C:\Users\Viera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-23 15:51 - 2017-03-10 16:06 - 00000000 ___RD C:\Users\Viera\OneDrive
2017-06-21 13:30 - 2017-03-10 16:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-21 13:30 - 2017-03-10 16:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-21 13:30 - 2016-04-03 06:13 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-21 13:29 - 2015-10-30 08:28 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-06-21 10:16 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2017-06-21 09:41 - 2016-06-27 23:39 - 00000000 ____D C:\Program Files\Microsoft Office
2017-06-21 09:18 - 2016-06-27 22:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-21 09:14 - 2016-04-03 06:10 - 00341136 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-17 19:57 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-06-17 19:57 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-17 19:57 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-17 19:57 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2017-06-17 19:57 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-17 19:57 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-06-17 18:30 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-17 18:28 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-17 17:55 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-17 17:55 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-17 17:54 - 2017-03-11 14:48 - 00000000 ____D C:\Windows\system32\MRT
2017-06-16 21:35 - 2017-03-11 14:47 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-16 16:19 - 2016-04-03 06:19 - 00879220 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-16 16:13 - 2017-03-10 16:23 - 00004268 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-06-10 09:02 - 2017-03-10 16:30 - 00004056 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1489156250
2017-06-10 09:02 - 2017-03-10 16:30 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-06-09 21:02 - 2016-04-03 06:33 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2017-06-09 21:02 - 2016-04-03 06:33 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-06-09 21:01 - 2017-03-12 14:14 - 00000000 ____D C:\Users\Viera\Documents\My Games
2017-06-09 21:01 - 2017-03-12 14:09 - 00000000 ____D C:\Program Files (x86)\Farming Simulator 2013 Demo
2017-06-09 20:59 - 2017-03-10 15:56 - 00000000 ____D C:\Users\Viera
2017-06-03 15:14 - 2016-04-03 06:15 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-06-03 05:07 - 2015-10-30 09:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-03 05:07 - 2015-10-30 09:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-29 21:24 - 2016-04-03 15:09 - 00000000 ____D C:\Windows\Panther

==================== Files in the root of some directories =======

2017-03-10 15:59 - 2017-06-26 13:03 - 0000184 _____ () C:\Users\Viera\AppData\Roaming\sp_data.sys
2016-06-27 23:11 - 2016-06-27 23:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2017-03-23 20:08 - 2017-03-23 20:08 - 0264192 _____ () C:\Users\Viera\AppData\Local\Temp\tmp3B0C.tmp.exe
2017-03-23 19:02 - 2017-03-23 19:02 - 0264192 _____ () C:\Users\Viera\AppData\Local\Temp\tmp67BF.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-06 17:01

==================== End of FRST.txt ============================

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: preventive check - slow notebook

#3 Post by Roli »

Hello,

first of all, uninstall one of the antivirus programs; you have two installed, Avast and McAfee, and that is not good. I recommend getting rid of McAfee.


Next, delete unnecessary files

using CCleaner

Instructions:

Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download and run AdwCleaner,

close all programs including the browser and launch it with a double-click,

a window appears; click Scan at the top left.

When the scan finishes, click Clean,

the PC will restart, during which the junk is deleted.

After that, copy the Report here for me.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

stelinka
Visitor
Posts: 125
Registered: 06 Apr 2013 10:27

Re: preventive check - slow notebook

#4 Post by stelinka »

# AdwCleaner v6.047 - Logfile created 27/06/2017 at 07:57:34
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-26.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Viera - DESKTOP-OI19R8T
# Running from : C:\Users\Viera\Downloads\adwcleaner_6.047.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKCU\Software\710d25efdcab2ddda64209bd53531383
[-] Key deleted: HKCU\Software\8f9af95449d94d38ea694f20c41aee21


***** [ Browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [906 Bytes] - [27/06/2017 07:57:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [1261 Bytes] - [27/06/2017 07:56:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1053 Bytes] ##########

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: preventive check - slow notebook

#5 Post by Roli »

Next, use Mbam from my signature and post its log here.


Run the Cure It scanner following THIS guide

when the scan finishes, copy the results here - the end of the log with the summary is enough.

(Warning: it is insanely slow and needs to be watched; it occasionally asks about something.)

stelinka
Visitor
Posts: 125
Registered: 06 Apr 2013 10:27

Re: preventive check - slow notebook

#6 Post by stelinka »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 27.06.17
Čas skenování: 19:31
Logovací soubor: log.txt
Správce: Ano

-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.141
Aktualizovat verzi balíku komponent: 1.0.2241
Licence: Zkušební

-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-OI19R8T\Viera

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 304523
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 10 hod, 51 min, 40 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

stelinka
Visitor
Posts: 125
Registered: 06 Apr 2013 10:27

Re: preventive check - slow notebook

#7 Post by stelinka »

Total 9383745461 bytes in 40685 files scanned (48584 objects)
Total 40735 files (48544 objects) are clean
Total 2 files are infected
Total 38 files are raised error condition
Scan time is 00:24:53.182

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: preventive check - slow notebook

#8 Post by Roli »

Great, just as a check, post the current log.txt from Rsit here and let me know how the PC is behaving.

stelinka
Visitor
Posts: 125
Registered: 06 Apr 2013 10:27

Re: preventive check - slow notebook

#9 Post by stelinka »

It's better, or at least it seems so to me, but not quite ideal; I don't know what could be causing it. Was there anything there?

Logfile of random's system information tool 1.10 (written by random/random)
Run by Viera at 2017-06-29 06:51:59
Microsoft Windows 10 Home
System drive C: has 140 GB (74%) free of 190 GB
Total RAM: 4000 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:52:10, on 29.06.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0962)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Viera\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Viera.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Viera\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: avast! SecureLine.lnk = C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem9.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: WPS Office Update Service (Kingsoft_WPS_UpdateService) - Zhuhai Kingsoft Office Software Co.,Ltd - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13144 bytes

======Listing Processes======








C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-52ef1bab-b1a4-47da-a721-fca068a0f854 -SystemEventPortName:HostProcess-0c6a711a-40f8-42d5-9392-06c4e0a2fb27 -IoCancelEventPortName:HostProcess-da1b9441-b881-4050-ade5-c39d9f899f23 -NonStateChangingEventPortName:HostProcess-02376fe1-e62a-41ac-a258-d1670112f686 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:868fe8b1-8a88-48ec-9aa8-da21477164fb -DeviceGroupId:
C:\Windows\system32\igfxCUIService.exe
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"

C:\Windows\system32\svchost.exe -k appmodel
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe"
"C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe"
C:\Windows\SysWOW64\esif_uf.exe
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"

C:\Windows\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\TEMP\DPTF\esif_assist_64.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
AvastUI.exe /nogui
"C:\Users\Viera\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\AVAST Software\SecureLine\SecureLine.exe" /nogui
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"fontdrvhost.exe"
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -critical
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\system32\SettingSyncHost.exe -Embedding
/S
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
taskhostw.exe
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {64C0ED3E-094F-4FC3-AD50-D109D53C4313}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
C:\Windows\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1900.0.608986073\1427418342" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 1900 "\\.\pipe\gecko-crash-server-pipe.1900" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1900.1.2078486104\594336179" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|33:20|34:10|43:128|44:10000|48:0|50:400|51:1|52:0|53:0|58:0|59:120|60:120|133:2|134:1|147:5000|157:0|159:0|170:10000|182:-1|187:128|188:10000|189:0|195:24|196:32768|198:0|199:0|207:5|211:1048576|212:100|213:5000|215:600|217:1|226:1|231:0|241:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|35:1|36:0|37:0|38:0|39:1|40:0|41:1|42:1|45:0|46:0|47:0|49:0|54:1|55:1|56:0|57:1|61:1|62:1|63:0|64:1|65:1|66:0|67:1|70:0|71:0|74:1|75:1|79:1|80:1|81:0|82:0|84:0|85:0|86:1|87:0|90:0|91:1|92:1|93:1|94:1|95:1|96:0|97:0|98:1|99:0|100:0|101:0|102:1|103:1|104:0|105:1|106:1|107:0|108:0|109:1|110:1|111:1|112:0|113:1|114:1|115:1|116:1|117:1|118:1|119:1|120:1|122:0|123:0|124:0|125:1|126:0|127:1|131:1|132:1|135:1|136:0|141:0|146:0|149:1|152:1|154:1|158:0|161:1|164:1|165:1|171:0|172:0|173:1|175:0|181:0|183:1|184:0|185:0|186:0|193:0|194:0|197:1|200:0|202:0|204:1|205:0|210:0|214:1|219:0|220:0|221:0|222:1|224:1|225:1|228:0|233:0|234:0|235:1|236:1|237:0|238:1|239:1|240:0|242:0|243:0|245:0|253:1|254:1|255:0|256:0|257:0| -stringPrefs "3:7;release|174:3;1.0|191:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|192:8;moderate|227:38;{1b789947-e0bc-4e4d-8cbe-3cfeb1aa0fac}|" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 1900 "\\.\pipe\gecko-crash-server-pipe.1900" tab
C:\Windows\system32\devicecensus.exe
C:\Windows\system32\compattelrunner.exe
\??\C:\Windows\system32\conhost.exe 0x4
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe63_ Global\UsGthrCtrlFltPipeMssGthrPipe63 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 616 620 628 8192 624
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:nMU4Warmt0+vrgV6.1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
C:\Windows\system32\devicecensus.exe UserCxt
\??\C:\Windows\system32\conhost.exe 0x4

"C:\Users\Viera\Downloads\RSITx64(1).exe"
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /ua /installsource scheduler
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe" /WatchService

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\WpsNotifyTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe -from=task
C:\Windows\tasks\WpsUpdateTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe -from=task

=========Mozilla firefox=========

ProfilePath - C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\3zirh5n2.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-06-17 149704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-06-17 2101440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-12 2655520]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-05-10 213824]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Viera\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-06-22 1555664]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-06-13 9803992]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [2015-12-24 63272]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
avast! SecureLine.lnk - C:\Program Files\AVAST Software\SecureLine\SecureLine.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-06-27 19:29:23 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2017-06-27 19:29:10 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-06-27 19:29:10 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-06-27 19:28:55 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-06-27 19:28:49 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2017-06-27 19:28:39 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-06-27 19:28:29 ----D---- C:\ProgramData\Malwarebytes
2017-06-27 19:28:29 ----D---- C:\Program Files\Malwarebytes
2017-06-27 15:46:09 ----D---- C:\ProgramData\SWCUTemp
2017-06-27 07:51:48 ----D---- C:\AdwCleaner
2017-06-27 07:39:58 ----AD---- C:\Program Files\CCleaner
2017-06-26 13:25:43 ----D---- C:\FRST
2017-06-26 13:16:22 ----D---- C:\Program Files\trend micro
2017-06-26 13:16:20 ----D---- C:\rsit
2017-06-17 18:28:56 ----AD---- C:\Program Files\Common Files\DESIGNER
2017-06-15 21:46:32 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-06-15 21:46:32 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-06-15 21:46:32 ----A---- C:\Windows\system32\mssrch.dll
2017-06-15 21:46:31 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-06-15 21:46:31 ----A---- C:\Windows\SYSWOW64\apprepapi.dll
2017-06-15 21:46:31 ----A---- C:\Windows\system32\tquery.dll
2017-06-15 21:46:30 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-06-15 21:46:30 ----A---- C:\Windows\SYSWOW64\apprepsync.dll
2017-06-15 21:46:29 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2017-06-15 21:46:29 ----A---- C:\Windows\SYSWOW64\mos.dll
2017-06-15 21:46:28 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2017-06-15 21:46:28 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2017-06-15 21:46:28 ----A---- C:\Windows\SYSWOW64\CoreMessaging.dll
2017-06-15 21:46:28 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-06-15 21:46:27 ----A---- C:\Windows\SYSWOW64\IdCtrls.dll
2017-06-15 21:46:26 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2017-06-15 21:46:25 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2017-06-15 21:46:23 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-06-15 21:46:23 ----A---- C:\Windows\SYSWOW64\CoreUIComponents.dll
2017-06-15 21:46:22 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-06-15 21:46:22 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2017-06-15 21:46:21 ----A---- C:\Windows\SYSWOW64\WWAHost.exe
2017-06-15 21:46:21 ----A---- C:\Windows\SYSWOW64\oemlicense.dll
2017-06-15 21:46:21 ----A---- C:\Windows\SYSWOW64\licensingdiag.exe
2017-06-15 21:46:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-06-15 21:46:20 ----A---- C:\Windows\SYSWOW64\fontdrvhost.exe
2017-06-15 21:46:19 ----A---- C:\Windows\SYSWOW64\odbcconf.dll
2017-06-15 21:46:18 ----A---- C:\Windows\SYSWOW64\shell32.dll
2017-06-15 21:46:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2017-06-15 21:46:11 ----A---- C:\Windows\SYSWOW64\GamePanel.exe
2017-06-15 21:46:11 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-06-15 21:46:10 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-06-15 21:46:09 ----A---- C:\Windows\SYSWOW64\UserDataTimeUtil.dll
2017-06-15 21:46:09 ----A---- C:\Windows\SYSWOW64\AzureSettingSyncProvider.dll
2017-06-15 21:46:09 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-06-15 21:46:09 ----A---- C:\Windows\system32\drivers\BasicRender.sys
2017-06-15 21:46:07 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe
2017-06-15 21:46:06 ----A---- C:\Windows\SYSWOW64\OneDriveSettingSyncProvider.dll
2017-06-15 21:46:05 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2017-06-15 21:46:04 ----A---- C:\Windows\SYSWOW64\certutil.exe
2017-06-15 21:45:59 ----A---- C:\Windows\SYSWOW64\WSSync.dll
2017-06-15 21:45:59 ----A---- C:\Windows\SYSWOW64\certenc.dll
2017-06-15 21:45:58 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-06-15 21:45:56 ----A---- C:\Windows\system32\sppsvc.exe
2017-06-15 21:45:55 ----A---- C:\Windows\system32\wuaueng.dll
2017-06-15 21:45:55 ----A---- C:\Windows\system32\CertEnroll.dll
2017-06-15 21:45:53 ----A---- C:\Windows\system32\UserDataTimeUtil.dll
2017-06-15 21:45:53 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-06-15 21:45:53 ----A---- C:\Windows\system32\AzureSettingSyncProvider.dll
2017-06-15 21:45:11 ----A---- C:\Windows\SYSWOW64\WpcWebFilter.dll
2017-06-15 21:45:11 ----A---- C:\Windows\system32\WpcWebFilter.dll
2017-06-15 21:45:10 ----A---- C:\Windows\system32\rdpudd.dll
2017-06-15 21:45:09 ----A---- C:\Windows\system32\IKEEXT.DLL
2017-06-15 21:45:09 ----A---- C:\Windows\system32\dbgeng.dll
2017-06-15 21:45:08 ----A---- C:\Windows\system32\win32spl.dll
2017-06-15 21:45:08 ----A---- C:\Windows\system32\localspl.dll
2017-06-15 21:45:07 ----A---- C:\Windows\system32\mos.dll
2017-06-15 21:45:06 ----A---- C:\Windows\system32\shell32.dll
2017-06-15 21:45:00 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-06-15 21:45:00 ----A---- C:\Windows\system32\mfps.dll
2017-06-15 21:44:59 ----A---- C:\Windows\system32\Windows.Media.Streaming.ps.dll
2017-06-15 21:44:57 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2017-06-15 21:44:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-06-15 21:44:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-06-15 21:44:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-06-15 21:44:46 ----A---- C:\Windows\SYSWOW64\ieproxy.dll
2017-06-15 21:44:46 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-06-15 21:44:46 ----A---- C:\Windows\system32\WSSync.dll
2017-06-15 21:44:45 ----A---- C:\Windows\system32\jscript9.dll
2017-06-15 21:44:44 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2017-06-15 21:44:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-06-15 21:44:43 ----A---- C:\Windows\system32\msfeeds.dll
2017-06-15 21:44:41 ----A---- C:\Windows\system32\urlmon.dll
2017-06-15 21:44:41 ----A---- C:\Windows\system32\odbcconf.dll
2017-06-15 21:44:40 ----A---- C:\Windows\system32\WUDFPlatform.dll
2017-06-15 21:44:40 ----A---- C:\Windows\system32\ieapfltr.dll
2017-06-15 21:44:39 ----A---- C:\Windows\system32\WSShared.dll
2017-06-15 21:44:39 ----A---- C:\Windows\system32\WSService.dll
2017-06-15 21:44:39 ----A---- C:\Windows\system32\kerberos.dll
2017-06-15 21:44:36 ----A---- C:\Windows\system32\aadtb.dll
2017-06-15 21:44:35 ----A---- C:\Windows\system32\ieproxy.dll
2017-06-15 21:44:35 ----A---- C:\Windows\system32\Chakra.dll
2017-06-15 21:44:33 ----A---- C:\Windows\system32\ieframe.dll
2017-06-15 21:44:32 ----A---- C:\Windows\system32\edgehtml.dll
2017-06-15 21:44:29 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-06-15 21:44:28 ----A---- C:\Windows\HelpPane.exe
2017-06-15 21:44:27 ----A---- C:\Windows\system32\DWrite.dll
2017-06-15 21:44:27 ----A---- C:\Windows\system32\comsvcs.dll
2017-06-15 21:44:26 ----A---- C:\Windows\system32\CoreUIComponents.dll
2017-06-15 21:44:25 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2017-06-15 21:44:24 ----A---- C:\Windows\system32\mshtml.dll
2017-06-15 21:44:17 ----A---- C:\Windows\system32\DeviceCensus.exe
2017-06-15 21:44:17 ----A---- C:\Windows\system32\dcntel.dll
2017-06-15 21:44:16 ----A---- C:\Windows\system32\tzres.dll
2017-06-15 21:44:16 ----A---- C:\Windows\system32\MSVP9DEC.dll
2017-06-15 21:44:15 ----A---- C:\Windows\system32\SettingSyncHost.exe
2017-06-15 21:44:15 ----A---- C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-06-15 21:44:15 ----A---- C:\Windows\system32\IdCtrls.dll
2017-06-15 21:44:14 ----A---- C:\Windows\system32\CoreMessaging.dll
2017-06-15 21:44:12 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-15 21:44:10 ----A---- C:\Windows\system32\oemlicense.dll
2017-06-15 21:44:09 ----A---- C:\Windows\system32\winsrv.dll
2017-06-15 21:44:09 ----A---- C:\Windows\system32\drivers\tm.sys
2017-06-15 21:44:09 ----A---- C:\Windows\system32\ClipSVC.dll
2017-06-15 21:44:09 ----A---- C:\Windows\system32\atmfd.dll
2017-06-15 21:44:08 ----A---- C:\Windows\system32\vss_ps.dll
2017-06-15 21:44:08 ----A---- C:\Windows\system32\sppwinob.dll
2017-06-15 21:44:08 ----A---- C:\Windows\system32\fontdrvhost.exe
2017-06-15 21:44:08 ----A---- C:\Windows\system32\ClipUp.exe
2017-06-15 21:44:08 ----A---- C:\Windows\system32\apprepapi.dll
2017-06-15 21:44:07 ----A---- C:\Windows\system32\win32kbase.sys
2017-06-15 21:44:07 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-06-15 21:44:06 ----A---- C:\Windows\system32\gdi32.dll
2017-06-15 21:44:05 ----A---- C:\Windows\system32\sppobjs.dll
2017-06-15 21:44:05 ----A---- C:\Windows\system32\apprepsync.dll
2017-06-15 21:44:04 ----A---- C:\Windows\system32\fdProxy.dll
2017-06-15 21:44:03 ----A---- C:\Windows\system32\win32kfull.sys
2017-06-15 21:44:02 ----A---- C:\Windows\system32\FntCache.dll
2017-06-15 21:44:02 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2017-06-15 21:43:54 ----A---- C:\Windows\system32\invagent.dll
2017-06-15 21:43:54 ----A---- C:\Windows\system32\devinv.dll
2017-06-15 21:43:54 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-06-15 21:43:54 ----A---- C:\Windows\system32\aeinv.dll
2017-06-15 21:43:54 ----A---- C:\Windows\system32\acmigration.dll
2017-06-15 21:43:53 ----A---- C:\Windows\system32\generaltel.dll
2017-06-15 21:43:53 ----A---- C:\Windows\system32\appraiser.dll
2017-06-15 21:43:52 ----A---- C:\Windows\system32\reseteng.dll
2017-06-15 21:43:51 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll
2017-06-15 21:43:51 ----A---- C:\Windows\system32\UIRibbonRes.dll
2017-06-15 21:43:51 ----A---- C:\Windows\system32\GamePanel.exe
2017-06-15 21:43:50 ----A---- C:\Windows\system32\licensingdiag.exe
2017-06-15 21:43:50 ----A---- C:\Windows\system32\certcli.dll
2017-06-15 21:43:49 ----A---- C:\Windows\system32\aepic.dll
2017-06-15 21:43:48 ----A---- C:\Windows\system32\certutil.exe
2017-06-15 21:43:48 ----A---- C:\Windows\system32\atmlib.dll
2017-06-15 21:43:46 ----A---- C:\Windows\system32\certenc.dll
2017-06-10 08:57:07 ----A---- C:\Windows\system32\drivers\lpsport.sys

======List of files/folders modified in the last 1 month======

2017-06-29 06:52:07 ----D---- C:\Windows\Temp
2017-06-29 06:52:06 ----D---- C:\Windows\Prefetch
2017-06-29 06:48:32 ----D---- C:\Windows\system32\sru
2017-06-28 21:24:23 ----D---- C:\Windows\AppReadiness
2017-06-28 21:24:01 ----HD---- C:\Program Files\WindowsApps
2017-06-28 19:19:08 ----D---- C:\Windows\system32\drivers
2017-06-28 09:43:15 ----D---- C:\Windows\system32\config
2017-06-28 09:01:18 ----AD---- C:\Program Files\Soda PDF Desktop
2017-06-28 06:37:06 ----D---- C:\Windows\system32\DriverStore
2017-06-28 06:31:38 ----D---- C:\Windows\Microsoft.NET
2017-06-27 19:28:29 ----RD---- C:\Program Files
2017-06-27 19:28:29 ----HD---- C:\ProgramData
2017-06-27 18:22:46 ----D---- C:\Windows\INF
2017-06-27 18:22:38 ----D---- C:\Windows\WinSxS
2017-06-27 18:19:21 ----D---- C:\Windows\rescache
2017-06-27 18:11:37 ----D---- C:\Windows\system32\catroot2
2017-06-27 17:55:15 ----SHD---- C:\System Volume Information
2017-06-27 15:48:21 ----D---- C:\Windows\system32\Tasks
2017-06-27 15:44:58 ----D---- C:\Windows\System32
2017-06-27 15:44:58 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-27 08:05:35 ----AD---- C:\Windows
2017-06-27 07:42:39 ----D---- C:\Windows\Panther
2017-06-27 07:42:34 ----D---- C:\Windows\Minidump
2017-06-27 07:42:34 ----D---- C:\Windows\Logs
2017-06-27 07:42:34 ----D---- C:\Windows\debug
2017-06-26 17:10:14 ----D---- C:\ProgramData\McAfee
2017-06-26 17:10:14 ----D---- C:\Program Files\Common Files
2017-06-26 17:10:14 ----D---- C:\Program Files (x86)\Common Files
2017-06-26 17:10:13 ----D---- C:\Program Files\Common Files\AV
2017-06-26 17:10:11 ----D---- C:\Program Files (x86)\McAfee
2017-06-26 17:10:06 ----RD---- C:\Program Files (x86)
2017-06-26 17:06:14 ----HD---- C:\Windows\ELAMBKUP
2017-06-26 17:05:47 ----RD---- C:\Windows\assembly
2017-06-26 13:32:03 ----SD---- C:\Users\Viera\AppData\Roaming\Microsoft
2017-06-26 13:05:23 ----D---- C:\Windows\system32\NDF
2017-06-21 13:30:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-21 13:30:20 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-06-21 10:16:21 ----D---- C:\Windows\CbsTemp
2017-06-21 09:47:51 ----SHD---- C:\Windows\Installer
2017-06-21 09:41:06 ----AD---- C:\Program Files\Microsoft Office
2017-06-17 19:57:53 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-06-17 19:57:53 ----D---- C:\Windows\SysWOW64
2017-06-17 19:57:47 ----D---- C:\Windows\system32\sk-SK
2017-06-17 19:57:47 ----D---- C:\Windows\system32\migration
2017-06-17 19:57:47 ----D---- C:\Windows\system32\appraiser
2017-06-17 19:57:39 ----RD---- C:\Windows\ImmersiveControlPanel
2017-06-17 19:57:39 ----D---- C:\Program Files\Windows Photo Viewer
2017-06-17 19:57:39 ----D---- C:\Program Files\Windows Defender
2017-06-17 19:57:39 ----D---- C:\Program Files\Internet Explorer
2017-06-17 19:57:39 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-06-17 19:57:39 ----D---- C:\Program Files (x86)\Windows Defender
2017-06-17 19:57:39 ----D---- C:\Program Files (x86)\Internet Explorer
2017-06-17 18:30:04 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-06-17 18:28:56 ----AD---- C:\Program Files\Common Files\microsoft shared
2017-06-17 17:55:21 ----D---- C:\Windows\system32\Macromed
2017-06-17 17:55:16 ----D---- C:\Windows\SYSWOW64\Macromed
2017-06-17 17:54:57 ----D---- C:\Windows\system32\MRT
2017-06-16 21:35:20 ----AC---- C:\Windows\system32\MRT.exe
2017-06-16 16:19:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-06-09 21:05:20 ----D---- C:\Windows\system32\CatRoot
2017-06-09 21:02:34 ----D---- C:\Program Files (x86)\ASUS
2017-06-09 21:01:38 ----AD---- C:\Program Files (x86)\Farming Simulator 2013 Demo
2017-06-03 15:14:46 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll
2017-06-03 05:07:31 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2015-05-25 21816]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-05-10 190256]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-05-10 334576]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-05-10 49016]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-05-10 75704]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-05-10 339696]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-05-10 311808]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-05-10 32600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-05-10 101152]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-05-10 1007160]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-05-10 569192]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-05-08 20096]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-05-25 77376]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2015-05-08 18048]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-05-10 128648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-05-17 158880]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2017-06-27 188312]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 AsusSGDrv;@oem16.inf,%AsusSGDrv.SvcDesc%;ASUS Touch Service; C:\Windows\system32\DRIVERS\AsusSGDrv.sys [2015-12-18 141304]
R3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-05-10 38296]
R3 athr;@oem14.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athw10x.sys [2015-09-08 4323976]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2015-07-29 601624]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\drivers\BTHUSB.sys [2016-08-03 84992]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2015-08-17 53752]
R3 esif_lf;esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [2015-08-17 261624]
R3 HIDSwitch;@oem17.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2015-08-19 27872]
R3 iagpioe;@oem4.inf,%iagpioe.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpioe.sys [2015-06-03 41984]
R3 iai2ce;iai2ce; C:\Windows\System32\drivers\iai2ce.sys [2015-06-03 89592]
R3 igfxLP;igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [2015-10-26 5906320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-12-14 4705536]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-10-26 475384]
R3 MBAMFarflt;MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [2017-06-27 113592]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2017-06-27 44960]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-06-27 252832]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2017-06-29 93600]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-11-04 11202192]
R3 rt640x64;@oem13.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2015-07-15 887552]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-10-30 34144]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2015-10-30 1146880]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\Windows\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2016-08-03 112640]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2016-03-29 245760]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2016-08-03 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\drivers\BTHport.sys [2016-08-03 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-11-22 117248]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\System32\drivers\e1i63x64.sys [2015-10-30 472576]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2016-10-25 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\System32\drivers\Netwsw00.sys [2015-10-30 11518976]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2016-08-03 181248]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2015-07-22 123704]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [2015-12-24 75264]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2015-07-29 323152]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2015-04-01 107320]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-05-10 263304]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-06-10 4122816]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 esifsvc;@oem9.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-08-17 1385640]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-12-22 349728]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-08 153752]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-10-26 353896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2015-04-21 174368]
R2 Kingsoft_WPS_UpdateService;WPS Office Update Service; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [2016-04-03 133480]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-10-30 1255728]
R2 OneSyncSvc_1367a1;Sync Host_1367a1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2017-03-10 592392]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-05-10 7346208]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R3 PimIndexMaintenanceSvc_1367a1;Kontaktné údaje_1367a1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-10 143144]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_10670821;Sync Host_10670821; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1245ce4;Sync Host_1245ce4; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_27b87;Sync Host_27b87; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_293afb;Sync Host_293afb; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_35cf5c2;Sync Host_35cf5c2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3a8d504;Sync Host_3a8d504; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_405abf3;Sync Host_405abf3; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_5d00393;Sync Host_5d00393; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_5e0226f;Sync Host_5e0226f; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-10-26 282216]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-10 143144]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2015-12-22 209952]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-08 153752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2015-05-22 881152]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_10670821;MessagingService_10670821; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1245ce4;MessagingService_1245ce4; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1367a1;MessagingService_1367a1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_27b87;MessagingService_27b87; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_293afb;MessagingService_293afb; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_35cf5c2;MessagingService_35cf5c2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3a8d504;MessagingService_3a8d504; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_405abf3;MessagingService_405abf3; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_5d00393;MessagingService_5d00393; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_5e0226f;MessagingService_5e0226f; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-21 175560]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-06-10 257224]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_10670821;Kontaktné údaje_10670821; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1245ce4;Kontaktné údaje_1245ce4; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_27b87;Kontaktné údaje_27b87; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_293afb;Kontaktné údaje_293afb; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_35cf5c2;Kontaktné údaje_35cf5c2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3a8d504;Kontaktné údaje_3a8d504; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_405abf3;Kontaktné údaje_405abf3; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_5d00393;Kontaktné údaje_5d00393; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_5e0226f;Kontaktné údaje_5e0226f; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2017-03-04 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: preventive check - slow notebook

#10 Post by Roli »

stelinka wrote: It is better, at least it seems so to me, but not quite ideal; I don't know what could be causing it. Was there anything there?
Well, the two antivirus programs were what strained the PC the most, then there was some minor pest.

Uninstall Mbam now.

Let's try to lighten its load a bit more.

Press the Windows + R keys and, in the Run window, type services.msc >> Enter. Find these services:

Asus WebStorage Windows Service
Dropbox Update Service (dbupdate)
Dropbox Update Service (dbupdatem)
GamesAppIntegrationService
GamesAppService
Služba Google Update (gupdate)
Služba Google Update (gupdatem)
WPS Office Update Service

Double-clicking opens a dialog where you first stop the service with the Stop button, then under Startup type select Disabled and click OK.

In the Task Scheduler Library, disable:

Dropbox Update (it will be there twice)
Wps Notify Task
Wps Update Task

Then let me know again whether it's better.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:
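
The review behind the advice in post #10, as an added example that is not part of the thread: a Python parser for the RSIT "List of services" section that lists auto-start services whose binary sits outside C:\Windows, which is where several of the services named above show up. The function names are hypothetical, and the sample lines are copied from the log in this thread.

```python
import re
from typing import NamedTuple

# Lines copied from the RSIT log in this thread (a short excerpt, not the full log).
SAMPLE = r"""
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-05-25 77376]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [2015-12-24 75264]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-05-10 263304]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R2 esifsvc;@oem9.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-08-17 1385640]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-10 143144]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-08 153752]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------
"""

class Entry(NamedTuple):
    running: bool   # R = running, S = stopped
    start: int      # 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled
    name: str       # service key name
    display: str    # display name; may itself contain ';'
    path: str       # image path, NT "\??\" prefix removed
    modified: str   # file date as printed by RSIT
    size: int       # file size in bytes

# "<state><start> <name>;<display>; <path> [<date> <size>]"
# The greedy display group backtracks to the LAST "; ", so display names
# with embedded semicolons (e.g. "@oem9.inf,%...%;ESIF ...") stay intact.
LINE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>.*); "
    r"(?P<path>\S.*?) \[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\]$"
)

def split_sections(text):
    """Map each '======title======' header to the non-empty lines below it."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("======") and line.endswith("======"):
            current = line.strip("=").split(" (")[0].strip()
            sections[current] = []
        elif line.startswith("-----"):
            current = None          # EOF marker ends the last section
        elif line and current is not None:
            sections[current].append(line)
    return sections

def parse_entries(lines):
    """Return (entries, rejected_lines); nothing is dropped silently."""
    entries, rejected = [], []
    for line in lines:
        m = LINE.match(line)
        if not m:
            rejected.append(line)
            continue
        path = m["path"]
        if path.startswith("\\??\\"):
            path = path[4:]
        entries.append(Entry(m["state"] == "R", int(m["start"]), m["name"],
                             m["display"], path, m["date"], int(m["size"])))
    return entries, rejected

def review_candidates(log_text, windows_dir=r"C:\Windows"):
    """Auto-start services whose binary lives outside the Windows directory."""
    lines = split_sections(log_text).get("List of services", [])
    entries, _ = parse_entries(lines)
    prefix = windows_dir.lower() + "\\"
    return [e for e in entries
            if e.start == 2 and not e.path.lower().startswith(prefix)]

if __name__ == "__main__":
    for e in review_candidates(SAMPLE):
        state = "running" if e.running else "stopped"
        print(f"{e.name:35} {state:8} {e.path}")
```

The output is a review list, not a disable list: the antivirus service appears in it alongside the updaters, and which entries are safe to turn off remains a judgement call.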

stelinka
Visitor
Posts: 125
Registered: 06 Apr 2013 10:27

Re: preventive check - slow notebook

#11 Post by stelinka »

Everything is done and the computer now starts up and shuts down nicely and quickly, but when browsing websites it is still somewhat slow.

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: preventive check - slow notebook

#12 Post by Roli »

stelinka wrote: ..... but when browsing websites it is still somewhat slow.
Try a different browser or turn Avast off for a moment, because there is nothing else left there that would be slowing it down.

stelinka
Visitor
Posts: 125
Registered: 06 Apr 2013 10:27

Re: preventive check - slow notebook

#13 Post by stelinka »

OK, I'll try. Thank you very much for the help.

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: preventive check - slow notebook

#14 Post by Roli »

stelinka wrote: OK, I'll try. Thank you very much for the help.
Try it and then let me know; if need be, as far as possible, we'll take a look at the hardware.
