
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Requesting a preventive check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Requesting a preventive check
Logfile of random's system information tool 1.10 (written by random/random)
Run by Gabriel at 2016-09-04 10:11:33
Microsoft Windows 10 Home
System drive C: has 253 GB (66%) free of 381 GB
Total RAM: 8094 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:11:38, on 04.09.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Users\Gabriel\AppData\Local\Emotiplus\Emotiplus.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser_crashreporter.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\WINDOWS\SysWoW64\cmd.exe
C:\Program Files\AVAST Software\Avast\AvastNM.exe
C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
C:\Program Files\trend micro\Gabriel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus15.msn.com/?pc=ASTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [MyDriveConnect.exe] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe -startwithoutDA
O4 - HKCU\..\Run: [EmotiplusHelper] "C:\Users\Gabriel\AppData\Local\EmotiplusHelper\EmotiplusHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Emotiplus.lnk = C:\Users\Gabriel\AppData\Local\Emotiplus\Emotiplus.exe
O4 - Global Startup: avast! SecureLine.lnk = C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{6943eecd-6be0-4240-b084-ce0110f9714c}: NameServer = 212.242.39.189 212.242.40.51
O17 - HKLM\System\CCS\Services\Tcpip\..\{75aa0816-02d0-4cc0-bdbb-21c3ea8f96ce}: NameServer = 77.234.40.79
O17 - HKLM\System\CCS\Services\Tcpip\..\{d064c0ec-5ca3-4bb7-aa9a-9231df964ef7}: NameServer = 212.242.39.189 212.242.40.51
O17 - HKLM\System\CCS\Services\Tcpip\..\{ec61283b-06e1-492b-bd30-5a7dae9ad891}: NameServer = 212.242.39.189 212.242.40.51
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
O23 - Service: Asus GiftBox Desktop (ASUSGiftBoxDekstop) - ASUS - C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem41.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWoW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: WPS Office Update Service (Kingsoft_WPS_UpdateService) - Zhuhai Kingsoft Office Software Co.,Ltd - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\WINDOWS\system32\\spdsvc.exe
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12814 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f53877fe-da4f-4426-b185-f2e5bdec13fc -SystemEventPortName:HostProcess-febce0cf-c4e9-4399-b729-cfe3c081a699 -IoCancelEventPortName:HostProcess-9be6b5d5-ac0c-4ace-814e-16cc0db65cb1 -NonStateChangingEventPortName:HostProcess-52f57660-3831-4e61-aeca-7552b86fd571 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6da51be3-c354-4dc6-838f-3b01af53279d -DeviceGroupId:
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe"
C:\WINDOWS\SysWoW64\esif_uf.exe
C:\WINDOWS\SysWoW64\\spdsvc.exe
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe" "C:/Program Files (x86)/Mobile Partner/UpdateDog/"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
dashost.exe {4b50de80-0e61-479b-816a6bfd54919826}
C:\WINDOWS\system32\AUDIODG.EXE 0x5b4
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
igfxEM.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe" -startwithoutDA
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\AVAST Software\SecureLine\SecureLine.exe" /nogui
"C:\Users\Gabriel\AppData\Local\Emotiplus\Emotiplus.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6cb26bf8-dfd9-4453-8fac-ffb66978b200 -SystemEventPortName:HostProcess-79274173-6898-4f9e-a91b-2ac6994f9a24 -IoCancelEventPortName:HostProcess-dfdb1699-616b-44b6-9730-fb9a84ce46a4 -NonStateChangingEventPortName:HostProcess-e1c885ea-c128-4a95-9a56-9808d2fe3e74 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7dd47929-c46e-4363-baa0-04c795df8f79 -DeviceGroupId:WpdFsGroup
"C:\ProgramData\DatacardService\DCSHelper.exe"
C:\ProgramData\DatacardService\DCSHelper.exe /R "C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe"
"C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe"
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\InstallAgent.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --ran-launcher
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=11504
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --enable-features=DownloadResumption --type=gpu-process --channel="11504.0.1502313326\490366936" --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,25,46,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x1616 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4268 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --mojo-platform-channel-handle=1408 --ignored=" --type=renderer "
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=2741A813151E879C3FF1E1152354E76A --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.2.1677458815\2036727385" --mojo-platform-channel-handle=2116
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=052498ADC2956841DAD833B7ADE01E77 --lang=sk --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.3.1597067633\372815784" --mojo-platform-channel-handle=2716
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=F6DA4A8241FD740036662A05CD733A9D --lang=sk --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.4.257909233\1215484919" --mojo-platform-channel-handle=2764
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=465AAB7FA7809C01D30D658A41AAF9F9 --lang=sk --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.5.525322740\822766861" --mojo-platform-channel-handle=2784
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=A99A77D754322871C8DB901A3917C790 --lang=sk --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.6.1375921169\1990694671" --mojo-platform-channel-handle=2792
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=08608DA1BB29A7CED626F20F0FCCE6EA --lang=sk --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.7.1161737121\1680066829" --mojo-platform-channel-handle=2896
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=F171DC74F2D732C4CA5EC9DACBE13D62 --lang=sk --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.8.1102026349\833035858" --mojo-platform-channel-handle=2948
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=66FB98A16C4662CC9E362379D7C5BC7B --lang=sk --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.9.2010375690\1358394396" --mojo-platform-channel-handle=2960
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=3D6A4E4AFA1B84D9A7C9458FFB611D25 --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.10.273918660\1235603210" --mojo-platform-channel-handle=2984
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=6B44E7DC6EFE8CE7F0403302BE1A9C37 --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.11.770506353\577948594" --mojo-platform-channel-handle=3112
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=985A81D4D142B753CD30B2F84574C920 --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.12.30960130\1508102833" --mojo-platform-channel-handle=3268
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=72F7634BBD7A1739184A4B4FE88DD66B --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.13.726987366\1597386541" --mojo-platform-channel-handle=3292
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=95CB0D9962D8FA0805CB382C83B754EA --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.14.1346527314\1313629154" --mojo-platform-channel-handle=3312
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=E441A550C667A09846D3F364D18B9939 --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.15.790245222\192892530" --mojo-platform-channel-handle=3332
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=1CCCC7FAD0276C8A7E31ACC5BE3DDCA6 --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.16.500009082\2105612158" --mojo-platform-channel-handle=3352
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=9AF9420D0B4F6F3726FEFB642656B8C6 --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.17.1180578147\1306206824" --mojo-platform-channel-handle=8576
C:\WINDOWS\system32\cmd.exe /c "C:\Program Files\AVAST Software\Avast\AvastNM.exe" --parent-window=0 chrome-extension://lhnnoklckomcfdlknmjaenoodlpfdclc/ < \\.\pipe\chrome.nativeMessaging.in.491afdc542e26ab1 > \\.\pipe\chrome.nativeMessaging.out.491afdc542e26ab1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\AvastNM.exe" --parent-window=0 chrome-extension://lhnnoklckomcfdlknmjaenoodlpfdclc/
/S
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=F80ED05ACE110E3B490F00CBC0E8F878 --lang=sk --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --with-feature:installer-hide-from-program-and-features=on --with-feature:installer-pref-default-overrides-support=off --crash-reporter-pid=2620 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="11504.21.1758658923\1777147801" --mojo-platform-channel-handle=10048
"C:\Users\Gabriel\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\WpsNotifyTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe -from=task
C:\WINDOWS\tasks\WpsNotifyTask_Gabriel.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe -from=task
C:\WINDOWS\tasks\WpsUpdateTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe -from=task
C:\WINDOWS\tasks\WpsUpdateTask_Gabriel.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe -from=task
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30 629256]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-06 554184]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-08-05 8894680]
"MyDriveConnect.exe"=C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2016-07-18 2093856]
"EmotiplusHelper"=C:\Users\Gabriel\AppData\Local\EmotiplusHelper\EmotiplusHelper.exe [2016-09-02 136088]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [2015-05-31 63272]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-08-21 9103976]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
avast! SecureLine.lnk - C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Emotiplus.lnk - C:\Users\Gabriel\AppData\Local\Emotiplus\Emotiplus.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-09-04 10:11:33 ----D---- C:\rsit
2016-09-04 10:11:33 ----D---- C:\Program Files\trend micro
2016-08-21 18:14:37 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-08-21 18:14:30 ----A---- C:\WINDOWS\avastSS.scr
2016-08-18 14:32:13 ----A---- C:\WINDOWS\SYSWOW64\CNHMCA.dll
2016-08-18 14:32:13 ----A---- C:\WINDOWS\SYSWOW64\CNC5100U.dll
2016-08-18 14:32:13 ----A---- C:\WINDOWS\SYSWOW64\CNC5100L.dll
2016-08-18 14:32:13 ----A---- C:\WINDOWS\system32\CNHMCA6.dll
2016-08-18 14:32:13 ----A---- C:\WINDOWS\system32\CNC5100L.dll
2016-08-18 14:32:13 ----A---- C:\WINDOWS\system32\CNC5100I.dll
2016-08-18 14:32:13 ----A---- C:\WINDOWS\system32\CNC5100C.dll
2016-08-18 14:32:05 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-08-18 14:31:00 ----HD---- C:\ProgramData\CanonBJ
2016-08-18 14:30:42 ----A---- C:\WINDOWS\system32\CNMLMAD.DLL
2016-08-13 23:45:03 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-08-06 15:14:46 ----D---- C:\ProgramData\Microsoft OneDrive
======List of files/folders modified in the last 1 month======
2016-09-04 10:11:33 ----RD---- C:\Program Files
2016-09-04 10:08:19 ----D---- C:\WINDOWS\Temp
2016-09-04 10:07:56 ----D---- C:\AdwCleaner
2016-09-04 10:06:48 ----D---- C:\WINDOWS\Prefetch
2016-09-04 10:04:42 ----D---- C:\ProgramData\ASUS Smart Gesture
2016-09-04 10:04:27 ----D---- C:\WINDOWS\System32
2016-09-04 10:04:27 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-04 10:04:08 ----D---- C:\WINDOWS\system32\sru
2016-09-03 23:22:40 ----D---- C:\WINDOWS\system32\SleepStudy
2016-09-03 21:42:21 ----D---- C:\Users\Gabriel\AppData\Roaming\Skype
2016-09-03 12:30:22 ----D---- C:\WINDOWS\system32\drivers
2016-09-03 12:04:41 ----RD---- C:\WINDOWS\Microsoft.NET
2016-09-03 12:00:05 ----D---- C:\WINDOWS\system32\Tasks
2016-09-02 19:23:14 ----SHD---- C:\System Volume Information
2016-09-02 12:30:39 ----D---- C:\WINDOWS\system32\config
2016-09-02 12:28:10 ----D---- C:\Windows
2016-09-02 12:27:25 ----D---- C:\WINDOWS\AppReadiness
2016-08-29 21:27:34 ----SHDC---- C:\WINDOWS\Installer
2016-08-29 21:27:34 ----D---- C:\ProgramData\Skype
2016-08-29 21:27:30 ----RD---- C:\Program Files (x86)\Skype
2016-08-28 17:18:03 ----D---- C:\WINDOWS\INF
2016-08-28 17:17:47 ----D---- C:\WINDOWS\LiveKernelReports
2016-08-28 16:35:11 ----D---- C:\WINDOWS\CbsTemp
2016-08-28 16:34:57 ----D---- C:\WINDOWS\system32\catroot2
2016-08-28 16:34:53 ----D---- C:\WINDOWS\WinSxS
2016-08-26 18:44:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-22 14:22:50 ----D---- C:\Users\Gabriel\AppData\Roaming\Anvsoft
2016-08-22 14:22:17 ----RD---- C:\Program Files (x86)
2016-08-18 14:32:19 ----RSD---- C:\WINDOWS\Media
2016-08-18 14:32:16 ----D---- C:\WINDOWS\twain_32
2016-08-18 14:32:16 ----D---- C:\WINDOWS\SysWOW64
2016-08-18 14:32:14 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-18 14:31:00 ----HD---- C:\ProgramData
2016-08-17 21:02:11 ----D---- C:\WINDOWS\debug
2016-08-14 18:19:59 ----D---- C:\WINDOWS\system32\MRT
2016-08-14 18:17:20 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-14 14:15:49 ----D---- C:\WINDOWS\Logs
2016-08-12 14:28:41 ----D---- C:\WINDOWS\system32\restore
2016-08-07 14:19:33 ----DC---- C:\WINDOWS\Panther
2016-08-07 09:54:30 ----D---- C:\WINDOWS\appcompat
2016-08-07 09:53:31 ----D---- C:\WINDOWS\system32\WDI
2016-08-06 23:06:51 ----RD---- C:\WINDOWS\assembly
2016-08-06 17:40:58 ----HD---- C:\Program Files\WindowsApps
2016-08-06 15:18:22 ----AD---- C:\Program Files (x86)\Opera
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-08-21 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-08-21 292704]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-08-10 1462720]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2015-06-26 88256]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-07-16 45920]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-08-21 37144]
R1 aswNetSec;aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [2016-08-21 453192]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-08-21 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-08-21 969560]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-08-21 513496]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-05-08 20096]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2015-05-08 18048]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-08-21 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-08-21 163416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [2013-04-30 11576]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2015-05-25 21816]
R3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-08-21 37656]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2016-07-16 4233728]
R3 ATP;@oem10.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2015-12-14 101368]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-07-29 601624]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2016-07-16 84992]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2015-08-17 53752]
R3 dptf_pch;dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [2015-08-17 50696]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2015-08-17 261624]
R3 ew_usbenumfilter;@oem21.inf,%busupper.SVCDESC%;huawei_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [2012-10-30 14336]
R3 HIDSwitch;@oem32.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys [2012-08-20 104960]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2012-08-20 90112]
R3 huawei_ext_ctrl;huawei_ext_ctrl; C:\WINDOWS\System32\drivers\ew_juextctrl.sys [2012-08-20 30720]
R3 huawei_wwanecm;huawei_wwanecm; C:\WINDOWS\System32\drivers\ew_juwwanecm.sys [2012-12-03 241152]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-13 6410168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-30 4577024]
R3 MEIx64;@oem34.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-07-28 184608]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-08-12 11163792]
R3 rt640x64;@oem40.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-15 887552]
R3 RTSUER;@oem17.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-05-27 420440]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswTap;@oem4.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\System32\drivers\aswTap.sys [2016-04-10 44640]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-07-16 114176]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2016-07-16 247296]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-07-16 128000]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2016-07-16 965120]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-07-16 117248]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-07-16 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 IntcDAud;@oem23.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-12 472872]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2015-12-15 452240]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2015-07-07 123704]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [2015-05-31 71168]
R2 ASUSGiftBoxDekstop;Asus GiftBox Desktop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [2015-07-20 315704]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2015-07-29 323152]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2015-04-01 107320]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-08-21 197128]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2016-08-21 223600]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_15a61085;CDPUserSvc_15a61085; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 esifsvc;@oem41.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWoW64\esif_uf.exe [2015-08-17 1385640]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-04-14 373312]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-13 370088]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-08-07 207648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-08-07 415520]
R2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-08-07 937592]
R2 OneSyncSvc_15a61085;Sync Host_15a61085; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 Samsung Printer Dianostics Service;Samsung Printer Dianostics Service; C:\WINDOWS\syswow64\\spdsvc.exe [2015-11-05 491328]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2016-05-24 592392]
R2 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 Kingsoft_WPS_UpdateService;WPS Office Update Service; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [2015-08-15 133480]
S2 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 MessagingService_15a61085;MessagingService_15a61085; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2012-11-12 657504]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-13 300472]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-17 265808]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc_15a61085;Kontaktné údaje_15a61085; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-07-16 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30 629256]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-06 554184]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-08-05 8894680]
"MyDriveConnect.exe"=C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2016-07-18 2093856]
"EmotiplusHelper"=C:\Users\Gabriel\AppData\Local\EmotiplusHelper\EmotiplusHelper.exe [2016-09-02 136088]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [2015-05-31 63272]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-08-21 9103976]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
avast! SecureLine.lnk - C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Emotiplus.lnk - C:\Users\Gabriel\AppData\Local\Emotiplus\Emotiplus.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-09-04 10:11:33 ----D---- C:\rsit
2016-09-04 10:11:33 ----D---- C:\Program Files\trend micro
2016-08-21 18:14:37 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-08-21 18:14:30 ----A---- C:\WINDOWS\avastSS.scr
2016-08-18 14:32:13 ----A---- C:\WINDOWS\SYSWOW64\CNHMCA.dll
2016-08-18 14:32:13 ----A---- C:\WINDOWS\SYSWOW64\CNC5100U.dll
2016-08-18 14:32:13 ----A---- C:\WINDOWS\SYSWOW64\CNC5100L.dll
2016-08-18 14:32:13 ----A---- C:\WINDOWS\system32\CNHMCA6.dll
2016-08-18 14:32:13 ----A---- C:\WINDOWS\system32\CNC5100L.dll
2016-08-18 14:32:13 ----A---- C:\WINDOWS\system32\CNC5100I.dll
2016-08-18 14:32:13 ----A---- C:\WINDOWS\system32\CNC5100C.dll
2016-08-18 14:32:05 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-08-18 14:31:00 ----HD---- C:\ProgramData\CanonBJ
2016-08-18 14:30:42 ----A---- C:\WINDOWS\system32\CNMLMAD.DLL
2016-08-13 23:45:03 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-08-06 15:14:46 ----D---- C:\ProgramData\Microsoft OneDrive
======List of files/folders modified in the last 1 month======
2016-09-04 10:11:33 ----RD---- C:\Program Files
2016-09-04 10:08:19 ----D---- C:\WINDOWS\Temp
2016-09-04 10:07:56 ----D---- C:\AdwCleaner
2016-09-04 10:06:48 ----D---- C:\WINDOWS\Prefetch
2016-09-04 10:04:42 ----D---- C:\ProgramData\ASUS Smart Gesture
2016-09-04 10:04:27 ----D---- C:\WINDOWS\System32
2016-09-04 10:04:27 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-04 10:04:08 ----D---- C:\WINDOWS\system32\sru
2016-09-03 23:22:40 ----D---- C:\WINDOWS\system32\SleepStudy
2016-09-03 21:42:21 ----D---- C:\Users\Gabriel\AppData\Roaming\Skype
2016-09-03 12:30:22 ----D---- C:\WINDOWS\system32\drivers
2016-09-03 12:04:41 ----RD---- C:\WINDOWS\Microsoft.NET
2016-09-03 12:00:05 ----D---- C:\WINDOWS\system32\Tasks
2016-09-02 19:23:14 ----SHD---- C:\System Volume Information
2016-09-02 12:30:39 ----D---- C:\WINDOWS\system32\config
2016-09-02 12:28:10 ----D---- C:\Windows
2016-09-02 12:27:25 ----D---- C:\WINDOWS\AppReadiness
2016-08-29 21:27:34 ----SHDC---- C:\WINDOWS\Installer
2016-08-29 21:27:34 ----D---- C:\ProgramData\Skype
2016-08-29 21:27:30 ----RD---- C:\Program Files (x86)\Skype
2016-08-28 17:18:03 ----D---- C:\WINDOWS\INF
2016-08-28 17:17:47 ----D---- C:\WINDOWS\LiveKernelReports
2016-08-28 16:35:11 ----D---- C:\WINDOWS\CbsTemp
2016-08-28 16:34:57 ----D---- C:\WINDOWS\system32\catroot2
2016-08-28 16:34:53 ----D---- C:\WINDOWS\WinSxS
2016-08-26 18:44:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-22 14:22:50 ----D---- C:\Users\Gabriel\AppData\Roaming\Anvsoft
2016-08-22 14:22:17 ----RD---- C:\Program Files (x86)
2016-08-18 14:32:19 ----RSD---- C:\WINDOWS\Media
2016-08-18 14:32:16 ----D---- C:\WINDOWS\twain_32
2016-08-18 14:32:16 ----D---- C:\WINDOWS\SysWOW64
2016-08-18 14:32:14 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-18 14:31:00 ----HD---- C:\ProgramData
2016-08-17 21:02:11 ----D---- C:\WINDOWS\debug
2016-08-14 18:19:59 ----D---- C:\WINDOWS\system32\MRT
2016-08-14 18:17:20 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-14 14:15:49 ----D---- C:\WINDOWS\Logs
2016-08-12 14:28:41 ----D---- C:\WINDOWS\system32\restore
2016-08-07 14:19:33 ----DC---- C:\WINDOWS\Panther
2016-08-07 09:54:30 ----D---- C:\WINDOWS\appcompat
2016-08-07 09:53:31 ----D---- C:\WINDOWS\system32\WDI
2016-08-06 23:06:51 ----RD---- C:\WINDOWS\assembly
2016-08-06 17:40:58 ----HD---- C:\Program Files\WindowsApps
2016-08-06 15:18:22 ----AD---- C:\Program Files (x86)\Opera
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-08-21 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-08-21 292704]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-08-10 1462720]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2015-06-26 88256]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-07-16 45920]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-08-21 37144]
R1 aswNetSec;aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [2016-08-21 453192]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-08-21 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-08-21 969560]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-08-21 513496]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-05-08 20096]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2015-05-08 18048]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-08-21 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-08-21 163416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [2013-04-30 11576]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2015-05-25 21816]
R3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-08-21 37656]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2016-07-16 4233728]
R3 ATP;@oem10.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2015-12-14 101368]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-07-29 601624]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2016-07-16 84992]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2015-08-17 53752]
R3 dptf_pch;dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [2015-08-17 50696]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2015-08-17 261624]
R3 ew_usbenumfilter;@oem21.inf,%busupper.SVCDESC%;huawei_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [2012-10-30 14336]
R3 HIDSwitch;@oem32.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys [2012-08-20 104960]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2012-08-20 90112]
R3 huawei_ext_ctrl;huawei_ext_ctrl; C:\WINDOWS\System32\drivers\ew_juextctrl.sys [2012-08-20 30720]
R3 huawei_wwanecm;huawei_wwanecm; C:\WINDOWS\System32\drivers\ew_juwwanecm.sys [2012-12-03 241152]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-13 6410168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-30 4577024]
R3 MEIx64;@oem34.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-07-28 184608]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-08-12 11163792]
R3 rt640x64;@oem40.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-15 887552]
R3 RTSUER;@oem17.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-05-27 420440]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswTap;@oem4.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\System32\drivers\aswTap.sys [2016-04-10 44640]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-07-16 114176]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2016-07-16 247296]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-07-16 128000]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2016-07-16 965120]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-07-16 117248]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-07-16 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 IntcDAud;@oem23.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-12 472872]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2015-12-15 452240]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2015-07-07 123704]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [2015-05-31 71168]
R2 ASUSGiftBoxDekstop;Asus GiftBox Desktop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [2015-07-20 315704]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2015-07-29 323152]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2015-04-01 107320]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-08-21 197128]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2016-08-21 223600]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_15a61085;CDPUserSvc_15a61085; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 esifsvc;@oem41.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWoW64\esif_uf.exe [2015-08-17 1385640]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-04-14 373312]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-13 370088]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-08-07 207648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-08-07 415520]
R2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-08-07 937592]
R2 OneSyncSvc_15a61085;Sync Host_15a61085; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 Samsung Printer Dianostics Service;Samsung Printer Dianostics Service; C:\WINDOWS\syswow64\\spdsvc.exe [2015-11-05 491328]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2016-05-24 592392]
R2 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 Kingsoft_WPS_UpdateService;WPS Office Update Service; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [2015-08-15 133480]
S2 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 MessagingService_15a61085;MessagingService_15a61085; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [2012-11-12 657504]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-13 300472]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-17 265808]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc_15a61085;Kontaktné údaje_15a61085; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-07-16 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a preventive check
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop.
Close all programs.
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Request for a preventive check
# AdwCleaner v6.010 - Log soubor vytvořen 04/09/2016 na 14:18:17
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-09-03.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Gabriel - DESKTOP-MRARMTK
# Beží od : C:\Users\Gabriel\Desktop\bezpecnost\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Adresáře ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [4026 Bajtů] - [21/12/2015 18:17:32]
C:\AdwCleaner\AdwCleaner[C2].txt - [2816 Bajtů] - [29/12/2015 19:20:41]
C:\AdwCleaner\AdwCleaner[C3].txt - [950 Bajtů] - [04/09/2016 14:18:17]
C:\AdwCleaner\AdwCleaner[S10].txt - [1599 Bajtů] - [16/06/2016 21:16:37]
C:\AdwCleaner\AdwCleaner[S11].txt - [1673 Bajtů] - [18/06/2016 22:34:30]
C:\AdwCleaner\AdwCleaner[S12].txt - [1780 Bajtů] - [24/06/2016 17:20:30]
C:\AdwCleaner\AdwCleaner[S13].txt - [2121 Bajtů] - [15/07/2016 11:30:14]
C:\AdwCleaner\AdwCleaner[S14].txt - [1930 Bajtů] - [18/07/2016 20:45:33]
C:\AdwCleaner\AdwCleaner[S15].txt - [2004 Bajtů] - [20/07/2016 00:01:59]
C:\AdwCleaner\AdwCleaner[S16].txt - [2078 Bajtů] - [27/07/2016 15:59:02]
C:\AdwCleaner\AdwCleaner[S17].txt - [2154 Bajtů] - [06/08/2016 23:12:08]
C:\AdwCleaner\AdwCleaner[S18].txt - [2228 Bajtů] - [11/08/2016 21:32:28]
C:\AdwCleaner\AdwCleaner[S19].txt - [2670 Bajtů] - [17/08/2016 21:12:39]
C:\AdwCleaner\AdwCleaner[S1].txt - [2980 Bajtů] - [21/12/2015 18:13:07]
C:\AdwCleaner\AdwCleaner[S20].txt - [2745 Bajtů] - [22/08/2016 16:37:17]
C:\AdwCleaner\AdwCleaner[S21].txt - [3060 Bajtů] - [27/08/2016 13:41:03]
C:\AdwCleaner\AdwCleaner[S22].txt - [3114 Bajtů] - [04/09/2016 10:07:56]
C:\AdwCleaner\AdwCleaner[S23].txt - [3189 Bajtů] - [04/09/2016 14:17:41]
C:\AdwCleaner\AdwCleaner[S2].txt - [1335 Bajtů] - [29/12/2015 19:18:12]
C:\AdwCleaner\AdwCleaner[S3].txt - [2608 Bajtů] - [01/01/2016 22:36:32]
C:\AdwCleaner\AdwCleaner[S4].txt - [3332 Bajtů] - [17/01/2016 22:03:19]
C:\AdwCleaner\AdwCleaner[S5].txt - [3341 Bajtů] - [25/01/2016 17:38:36]
C:\AdwCleaner\AdwCleaner[S6].txt - [3255 Bajtů] - [30/01/2016 22:07:21]
C:\AdwCleaner\AdwCleaner[S7].txt - [1379 Bajtů] - [08/05/2016 10:53:49]
C:\AdwCleaner\AdwCleaner[S8].txt - [1444 Bajtů] - [08/05/2016 10:57:56]
C:\AdwCleaner\AdwCleaner[S9].txt - [1517 Bajtů] - [10/06/2016 20:13:15]
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2739 Bajtů] ##########
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a preventive check
This is OK. Now post the FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Request for a preventive check
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Gabriel (04-09-2016 15:35:10)
Running from C:\Users\Gabriel\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-04 20:10:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-129436727-2950081787-1452109107-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-129436727-2950081787-1452109107-503 - Limited - Disabled)
Gabriel (S-1-5-21-129436727-2950081787-1452109107-1001 - Administrator - Enabled) => C:\Users\Gabriel
Guest (S-1-5-21-129436727-2950081787-1452109107-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Any Video Converter 5.9.5 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Any Video Converter 5.9.9 (HKLM-x32\...\Any Video Converter) (Version: 5.9.9 - Anvsoft)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.5 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.95 - ICEpower a/s)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Emotiplus (HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\Emotiplus) (Version: 1.1.8.8 - Emotiplus)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
FormatFactory 3.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.0 - Free Time)
Gaming Assistant (HKLM-x32\...\{C27B0A7C-BD18-46EF-984A-CCD2799F4CD4}) (Version: 1.0.2 - ASUS)
GD Hardware Scan (HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation)
Malwarebytes Anti-Malware verze 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.009.09.00.104 - Huawei Technologies Co.,Ltd)
NVIDIA Graphics Driver 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software)
Ovládací panel NVIDIA 353.84 (Version: 353.84 - NVIDIA Corporation) Hidden
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Kakao Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.46 (30.10.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.81.00(25.05.2015) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.23 (24.11.2015) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.2 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
TomTom MyDrive Connect 4.1.1.2797 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.1.2797 - TomTom)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
View User's Guide (HKLM-x32\...\View User Guide) (Version: 3.60.45.0 - )
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-129436727-2950081787-1452109107-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {075D3BB0-C7D0-4D13-A2A2-606269937FFB} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {14C4CC4A-2680-4D34-B3A5-6ECB61F5AD15} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-04-10] (AVAST Software)
Task: {2B0AAFE9-DB39-478C-8194-75B5526C9833} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-08-12] ()
Task: {3AF9ED4E-E2F1-4A5A-A841-555FA4B6C2FE} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {44566029-EA16-4B5A-9989-C516F7E91376} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {44A7AC56-3437-40BE-ADEC-1B8CA6904FF3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {4B46A766-DFC2-497D-81F9-C415190E2921} - System32\Tasks\{1C2222E8-AFC1-4AFB-94E4-1299D8C4FC17} => c:\program files (x86)\opera\launcher.exe [2016-08-03] (Opera Software)
Task: {57AD262E-BD24-431B-9350-5E6AA70A47BF} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {5E604451-5963-442B-9A13-058AE1020EE2} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS)
Task: {71C327D8-0F21-461B-ADD5-FD7AC5103A9A} - System32\Tasks\WpsUpdateTask_Gabriel => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: {7401ACD8-DB9C-4F99-9617-221ACAF0014B} - System32\Tasks\WpsNotifyTask_Gabriel => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: {77E1FC73-CD64-4EE8-85B9-68E507A5AA9E} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {7EACF589-58B5-4B8E-B5E9-16312499D793} - System32\Tasks\{D3DF2ED6-A2A3-4777-BCF8-357B7A685FBE} => c:\program files\avast software\szbrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {8860A5BE-D63F-4090-82E2-86EBDE7D1871} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {8F474D49-1ADC-41CE-9E5A-CC6E0B5D5282} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-21] (AVAST Software)
Task: {94254821-995A-42C5-897F-8BC719AED836} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {9A05F3E6-4AFA-49D4-AE73-1F91E4EFFA6A} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {B987E089-521D-4F93-B77A-C3F29CDBF554} - System32\Tasks\Opera scheduled Autoupdate 1460286364 => C:\Program Files (x86)\Opera\launcher.exe [2016-08-03] (Opera Software)
Task: {C36DB7B1-D667-4085-B479-3EE5B38305EE} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-30] (Realtek Semiconductor)
Task: {CDB2C720-F958-416A-A85D-2DA446DC481F} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {D891B3F2-1FF3-4E7D-8A51-22DDD7B64FC5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-30] (Realtek Semiconductor)
Task: {E9C89E67-6106-4AB5-8D0A-15575B37175E} - System32\Tasks\SafeZone scheduled Autoupdate 1460382171 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {EB8D1D62-C55D-4616-AE42-76CB3EA3342A} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation)
Task: {F1EED5F9-3955-498E-9F6E-922AE65FAF41} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {F3F4D75D-27FA-451C-9E4B-79D3C17396D3} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Gabriel.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Gabriel.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-04 21:43 - 2015-08-07 19:18 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-22 23:41 - 2015-06-11 15:58 - 00022528 _____ () C:\WINDOWS\System32\ssm4mlm.dll
2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-07-22 23:46 - 2015-11-05 21:02 - 00491328 _____ () C:\WINDOWS\SysWoW64\spdsvc.exe
2016-05-24 18:57 - 2016-05-24 18:57 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-04-10 12:30 - 2012-11-12 07:59 - 00657504 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-06 15:15 - 2016-08-06 15:15 - 00959168 _____ () C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00515072 _____ () C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2015-08-28 11:04 - 2015-08-13 15:42 - 00415656 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-07-16 13:43 - 2016-07-17 00:04 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 13:43 - 2016-07-17 00:04 - 01400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 13:43 - 2016-07-17 00:04 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 13:43 - 2016-07-17 00:04 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-16 13:43 - 2016-07-17 00:04 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2016-08-05 18:52 - 2016-08-05 18:52 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2016-07-17 00:07 - 2016-07-17 00:07 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-07-17 00:07 - 2016-07-17 00:07 - 00157184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-07-17 00:07 - 2016-07-17 00:07 - 29443072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-08-21 18:14 - 2016-08-21 18:14 - 00281272 _____ () C:\Program Files\AVAST Software\Avast\AvastNM.exe
2016-08-21 18:14 - 2016-08-21 18:14 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-03 23:02 - 2016-09-03 23:02 - 03080312 _____ () C:\Program Files\AVAST Software\Avast\defs\16090301\algo.dll
2016-08-21 18:14 - 2016-08-21 18:14 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-10 12:30 - 2009-01-10 20:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2016-04-10 12:30 - 2009-06-23 04:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2016-04-10 12:30 - 2012-10-31 11:14 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2016-04-10 12:30 - 2012-10-31 11:11 - 02417152 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2016-04-10 12:30 - 2012-11-12 05:48 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2016-04-10 12:30 - 2012-10-31 11:11 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00588288 _____ () C:\Program Files (x86)\Mobile Partner\core.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00288256 _____ () C:\Program Files (x86)\Mobile Partner\sdk.dll
2016-04-10 12:29 - 2012-10-31 11:11 - 02417152 _____ () C:\Program Files (x86)\Mobile Partner\QtCore4.dll
2016-04-10 12:29 - 2012-10-31 11:33 - 09562624 _____ () C:\Program Files (x86)\Mobile Partner\QtGui4.dll
2016-04-10 12:29 - 2009-01-10 20:32 - 00011362 _____ () C:\Program Files (x86)\Mobile Partner\mingwm10.dll
2016-04-10 12:29 - 2009-06-23 04:42 - 00043008 _____ () C:\Program Files (x86)\Mobile Partner\libgcc_s_dw2-1.dll
2016-04-10 12:29 - 2012-11-23 08:12 - 00407040 _____ () C:\Program Files (x86)\Mobile Partner\Proxy.DLL
2016-04-10 12:29 - 2012-11-23 08:12 - 00158208 _____ () C:\Program Files (x86)\Mobile Partner\Trace.dll
2016-04-10 12:29 - 2012-11-23 08:12 - 00628224 _____ () C:\Program Files (x86)\Mobile Partner\Common.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00583168 _____ () C:\Program Files (x86)\Mobile Partner\PluginContainer.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00646144 _____ () C:\Program Files (x86)\Mobile Partner\AtCodec.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00729088 _____ () C:\Program Files (x86)\Mobile Partner\DeviceSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00195584 _____ () C:\Program Files (x86)\Mobile Partner\XCodec.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00247296 _____ () C:\Program Files (x86)\Mobile Partner\NetSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00166400 _____ () C:\Program Files (x86)\Mobile Partner\OSDialup.dll
2016-04-10 12:29 - 2012-11-23 08:12 - 00155136 _____ () C:\Program Files (x86)\Mobile Partner\DataServicePlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00177152 _____ () C:\Program Files (x86)\Mobile Partner\CallSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00672768 _____ () C:\Program Files (x86)\Mobile Partner\AddrBookSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00219648 _____ () C:\Program Files (x86)\Mobile Partner\SmsSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00142336 _____ () C:\Program Files (x86)\Mobile Partner\USSDSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00157184 _____ () C:\Program Files (x86)\Mobile Partner\STKSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00730624 _____ () C:\Program Files (x86)\Mobile Partner\DeviceAppPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00065536 _____ () C:\Program Files (x86)\Mobile Partner\OSPowerMgr.dll
2016-04-10 12:29 - 2012-06-06 03:22 - 00155648 _____ () C:\Program Files (x86)\Mobile Partner\Win7Support.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 01124352 _____ () C:\Program Files (x86)\Mobile Partner\AddrBookPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00704000 _____ () C:\Program Files (x86)\Mobile Partner\SmsAppPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00187392 _____ () C:\Program Files (x86)\Mobile Partner\CallAppPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00569344 _____ () C:\Program Files (x86)\Mobile Partner\CallLogSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:12 - 00158720 _____ () C:\Program Files (x86)\Mobile Partner\NetConnectSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00236032 _____ () C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00102400 _____ () C:\Program Files (x86)\Mobile Partner\OSAdapt.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00201216 _____ () C:\Program Files (x86)\Mobile Partner\NDISPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00131584 _____ () C:\Program Files (x86)\Mobile Partner\OSNDIS.dll
2016-04-10 12:29 - 2012-07-27 08:53 - 01114112 _____ () C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00702464 _____ () C:\Program Files (x86)\Mobile Partner\NetInfoSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00062976 _____ () C:\Program Files (x86)\Mobile Partner\OSCall.dll
2016-04-10 12:29 - 2012-06-06 03:22 - 00224256 _____ () C:\Program Files (x86)\Mobile Partner\tdpcvoice.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00581120 _____ () C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
2016-04-10 12:29 - 2012-10-31 11:11 - 00398336 _____ () C:\Program Files (x86)\Mobile Partner\QtXml4.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00168960 _____ () C:\Program Files (x86)\Mobile Partner\ATR2SMgr.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00270848 _____ () C:\Program Files (x86)\Mobile Partner\XFramePlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00323584 _____ () C:\Program Files (x86)\Mobile Partner\StatusBarMgrPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00391168 _____ () C:\Program Files (x86)\Mobile Partner\NetConnectPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00593408 _____ () C:\Program Files (x86)\Mobile Partner\DialupUIPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00097792 _____ () C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00117248 _____ () C:\Program Files (x86)\Mobile Partner\LayoutPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00119296 _____ () C:\Program Files (x86)\Mobile Partner\ConnectMgrUIPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00330752 _____ () C:\Program Files (x86)\Mobile Partner\MenuMgrPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00302592 _____ () C:\Program Files (x86)\Mobile Partner\DiagnosisPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00493568 _____ () C:\Program Files (x86)\Mobile Partner\NetInfoUIExPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00854528 _____ () C:\Program Files (x86)\Mobile Partner\SMSUIPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00818688 _____ () C:\Program Files (x86)\Mobile Partner\AddrBookUIPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00219648 _____ () C:\Program Files (x86)\Mobile Partner\ToolBarMgrPlugin.dll
2016-04-10 12:29 - 2012-11-12 05:48 - 00694272 _____ () C:\Program Files (x86)\Mobile Partner\LiveUpdateInterface.DLL
2016-04-10 12:29 - 2012-10-31 11:14 - 01148416 _____ () C:\Program Files (x86)\Mobile Partner\QtNetwork4.dll
2016-04-10 12:29 - 2012-11-01 14:10 - 00082944 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qgif4.dll
2016-04-10 12:29 - 2012-11-01 14:10 - 00081920 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qico4.dll
2016-04-10 12:29 - 2012-11-01 14:10 - 00192000 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qjpeg4.dll
2016-04-10 12:29 - 2012-11-01 14:10 - 00350720 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qmng4.dll
2016-04-10 12:29 - 2012-11-01 14:10 - 00370176 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qtiff4.dll
2015-10-05 06:33 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-06 15:15 - 2016-08-06 15:15 - 00679624 _____ () C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
2014-09-11 17:06 - 2014-09-11 17:06 - 00878592 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 00036352 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
2014-09-11 17:06 - 2014-09-11 17:06 - 00038912 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00032256 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qdds.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00027648 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00381952 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjp2.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 00204800 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00218112 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll
2014-09-11 17:08 - 2014-09-11 17:08 - 00015872 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00015360 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 00307712 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 00014848 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 00252928 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll
2016-05-24 18:58 - 2016-05-24 18:57 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2016-06-21 19:13 - 2016-06-21 19:13 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-08-07 02:09 - 2015-08-07 02:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-08-21 18:15 - 2016-08-09 12:13 - 67856856 _____ () C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.dll
2016-08-21 18:15 - 2016-08-09 12:13 - 02182616 _____ () C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\libglesv2.dll
2016-08-21 18:15 - 2016-08-09 12:13 - 00084952 _____ () C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\libegl.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gabriel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{066b7c19-57db-4eb6-952d-4f257ecdbf4d}.jpg
DNS Servers: 212.242.39.189 - 212.242.40.51
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9BBCCEEA-85D6-4C17-8FD8-11817D1CD8BD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{8D060BCE-42C1-4F9F-8801-61620607EDD8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{BF55FD43-C78B-4D1A-8341-26D132CC0D10}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{F3D9AA9C-5308-4804-BB36-8351E84A637F}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{759E7531-5BF6-44A5-A14E-CA2CBE97227B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{CC704F57-6AED-468C-90B9-9E87C97444BA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{3A3225B9-BAAD-406F-8C14-ACE0AE9638BC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{9AC0C6D7-F8C3-4BF5-8572-27624B748DD8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{BD90FCA6-B22C-4F55-9FF5-CF03519EC4D5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{D25A8EE1-3965-4708-A9DB-78D93EB9ED07}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{2107CC3E-86C2-4DBB-81B4-5E202E04B48F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{997E5C4D-F475-4989-BBDA-421E55F9DDCB}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{9443284D-F6B2-4D3C-9BA1-BCDEA0A98E98}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{6AF83D4F-0AF2-40B6-A2A1-208296B74F99}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{F08BAE93-4005-429B-A006-633D72D150FB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{EE86A185-8DEA-4FCE-8A3D-9B3AAFF4EDD8}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{E311F7F5-C2F4-4D85-94F4-3302A89D340A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{98F487E4-99CB-451B-A195-7984AB20294A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{969E743A-89F2-4B35-8513-683360078FD3}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{507367AE-F388-4D1E-9593-21BE0528A827}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
==================== Restore Points =========================
19-08-2016 19:07:39 Scheduled Checkpoint
28-08-2016 09:56:37 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/04/2016 03:25:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x2138
Čas spustenia chybujúcej aplikácie: 0x01d206afbdd3d44a
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: d90564c4-12b8-477c-82e1-b2833196a2fe
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 02:25:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x61c
Čas spustenia chybujúcej aplikácie: 0x01d206a75c15b511
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 3b6733df-26bd-48a3-a398-f962146a961d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 02:09:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x265c
Čas spustenia chybujúcej aplikácie: 0x01d206a52ec980d0
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 1e41f077-cb1e-40a1-8a30-9e5a4681e7ac
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 02:08:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0xbac
Čas spustenia chybujúcej aplikácie: 0x01d206a4ff45ac4a
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 8766514a-1ac7-4b4e-9a18-f275b984c591
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 02:00:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x28d0
Čas spustenia chybujúcej aplikácie: 0x01d206a3ed105c74
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: a34a1763-d677-4652-9d04-20dd33b06b5d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 01:45:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x1954
Čas spustenia chybujúcej aplikácie: 0x01d206a1cf5df291
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 0d77178b-40ed-4734-8c44-170663ab95cf
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 01:09:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0xaa4
Čas spustenia chybujúcej aplikácie: 0x01d2069ccd058f63
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 28011b0c-ba99-42a2-ac83-c93dd3dffca3
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 01:08:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x4fc
Čas spustenia chybujúcej aplikácie: 0x01d2069c9d81bec6
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: fffbb1d8-02ce-4669-a5a9-26424de1fe9d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 01:00:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x2b3c
Čas spustenia chybujúcej aplikácie: 0x01d2069b8b4b5ab9
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 0c4dff38-c053-4d4d-8d4b-bd78cc982055
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 12:51:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x2dc4
Čas spustenia chybujúcej aplikácie: 0x01d2069987dcaa7b
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 9e979226-3b68-468f-93f5-06d5556a215a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
System errors:
=============
Error: (09/04/2016 02:20:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/04/2016 02:20:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/04/2016 02:20:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/04/2016 02:19:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Mobile Partner. RunOuc zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (09/04/2016 02:19:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Mobile Partner. RunOuc bol dosiahnutý časový limit (30000 ms).
Error: (09/04/2016 02:19:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Kingsoft_WPS_UpdateService zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (09/04/2016 02:19:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Kingsoft_WPS_UpdateService bol dosiahnutý časový limit (30000 ms).
Error: (09/04/2016 02:18:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Security Assist sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (09/04/2016 02:18:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (09/04/2016 02:18:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GamesAppIntegrationService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
CodeIntegrity:
===================================
Date: 2016-08-14 12:05:12.967
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 35%
Total physical RAM: 8094.39 MB
Available physical RAM: 5224.66 MB
Total Virtual: 9374.39 MB
Available Virtual: 6153.05 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:246.85 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:536.32 GB) NTFS
Drive e: (Mobile Partner) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9764D089)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by Gabriel (04-09-2016 15:35:10)
Running from C:\Users\Gabriel\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-04 20:10:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-129436727-2950081787-1452109107-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-129436727-2950081787-1452109107-503 - Limited - Disabled)
Gabriel (S-1-5-21-129436727-2950081787-1452109107-1001 - Administrator - Enabled) => C:\Users\Gabriel
Guest (S-1-5-21-129436727-2950081787-1452109107-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Any Video Converter 5.9.5 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Any Video Converter 5.9.9 (HKLM-x32\...\Any Video Converter) (Version: 5.9.9 - Anvsoft)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.5 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.95 - ICEpower a/s)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Emotiplus (HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\Emotiplus) (Version: 1.1.8.8 - Emotiplus)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
FormatFactory 3.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.9.5.0 - Free Time)
Gaming Assistant (HKLM-x32\...\{C27B0A7C-BD18-46EF-984A-CCD2799F4CD4}) (Version: 1.0.2 - ASUS)
GD Hardware Scan (HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation)
Malwarebytes Anti-Malware verze 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.009.09.00.104 - Huawei Technologies Co.,Ltd)
NVIDIA Graphics Driver 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software)
Ovládací panel NVIDIA 353.84 (Version: 353.84 - NVIDIA Corporation) Hidden
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Kakao Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.46 (30.10.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.81.00(25.05.2015) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.23 (24.11.2015) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.2 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
TomTom MyDrive Connect 4.1.1.2797 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.1.2797 - TomTom)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
View User's Guide (HKLM-x32\...\View User Guide) (Version: 3.60.45.0 - )
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.2.524 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-129436727-2950081787-1452109107-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {075D3BB0-C7D0-4D13-A2A2-606269937FFB} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {14C4CC4A-2680-4D34-B3A5-6ECB61F5AD15} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-04-10] (AVAST Software)
Task: {2B0AAFE9-DB39-478C-8194-75B5526C9833} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-08-12] ()
Task: {3AF9ED4E-E2F1-4A5A-A841-555FA4B6C2FE} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {44566029-EA16-4B5A-9989-C516F7E91376} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {44A7AC56-3437-40BE-ADEC-1B8CA6904FF3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {4B46A766-DFC2-497D-81F9-C415190E2921} - System32\Tasks\{1C2222E8-AFC1-4AFB-94E4-1299D8C4FC17} => c:\program files (x86)\opera\launcher.exe [2016-08-03] (Opera Software)
Task: {57AD262E-BD24-431B-9350-5E6AA70A47BF} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {5E604451-5963-442B-9A13-058AE1020EE2} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS)
Task: {71C327D8-0F21-461B-ADD5-FD7AC5103A9A} - System32\Tasks\WpsUpdateTask_Gabriel => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: {7401ACD8-DB9C-4F99-9617-221ACAF0014B} - System32\Tasks\WpsNotifyTask_Gabriel => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: {77E1FC73-CD64-4EE8-85B9-68E507A5AA9E} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {7EACF589-58B5-4B8E-B5E9-16312499D793} - System32\Tasks\{D3DF2ED6-A2A3-4777-BCF8-357B7A685FBE} => c:\program files\avast software\szbrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {8860A5BE-D63F-4090-82E2-86EBDE7D1871} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {8F474D49-1ADC-41CE-9E5A-CC6E0B5D5282} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-21] (AVAST Software)
Task: {94254821-995A-42C5-897F-8BC719AED836} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {9A05F3E6-4AFA-49D4-AE73-1F91E4EFFA6A} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {B987E089-521D-4F93-B77A-C3F29CDBF554} - System32\Tasks\Opera scheduled Autoupdate 1460286364 => C:\Program Files (x86)\Opera\launcher.exe [2016-08-03] (Opera Software)
Task: {C36DB7B1-D667-4085-B479-3EE5B38305EE} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-30] (Realtek Semiconductor)
Task: {CDB2C720-F958-416A-A85D-2DA446DC481F} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {D891B3F2-1FF3-4E7D-8A51-22DDD7B64FC5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-30] (Realtek Semiconductor)
Task: {E9C89E67-6106-4AB5-8D0A-15575B37175E} - System32\Tasks\SafeZone scheduled Autoupdate 1460382171 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {EB8D1D62-C55D-4616-AE42-76CB3EA3342A} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation)
Task: {F1EED5F9-3955-498E-9F6E-922AE65FAF41} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {F3F4D75D-27FA-451C-9E4B-79D3C17396D3} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Gabriel.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Gabriel.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-04 21:43 - 2015-08-07 19:18 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-22 23:41 - 2015-06-11 15:58 - 00022528 _____ () C:\WINDOWS\System32\ssm4mlm.dll
2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-07-22 23:46 - 2015-11-05 21:02 - 00491328 _____ () C:\WINDOWS\SysWoW64\spdsvc.exe
2016-05-24 18:57 - 2016-05-24 18:57 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-04-10 12:30 - 2012-11-12 07:59 - 00657504 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-06 15:15 - 2016-08-06 15:15 - 00959168 _____ () C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00515072 _____ () C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2015-08-28 11:04 - 2015-08-13 15:42 - 00415656 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-07-16 13:43 - 2016-07-17 00:04 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-16 13:43 - 2016-07-17 00:04 - 01400320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 13:43 - 2016-07-17 00:04 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 13:43 - 2016-07-17 00:04 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-16 13:43 - 2016-07-17 00:04 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2016-08-05 18:52 - 2016-08-05 18:52 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2016-07-17 00:07 - 2016-07-17 00:07 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-07-17 00:07 - 2016-07-17 00:07 - 00157184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-07-17 00:07 - 2016-07-17 00:07 - 29443072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-08-21 18:14 - 2016-08-21 18:14 - 00281272 _____ () C:\Program Files\AVAST Software\Avast\AvastNM.exe
2016-08-21 18:14 - 2016-08-21 18:14 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-03 23:02 - 2016-09-03 23:02 - 03080312 _____ () C:\Program Files\AVAST Software\Avast\defs\16090301\algo.dll
2016-08-21 18:14 - 2016-08-21 18:14 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-10 12:30 - 2009-01-10 20:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2016-04-10 12:30 - 2009-06-23 04:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2016-04-10 12:30 - 2012-10-31 11:14 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2016-04-10 12:30 - 2012-10-31 11:11 - 02417152 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2016-04-10 12:30 - 2012-11-12 05:48 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2016-04-10 12:30 - 2012-10-31 11:11 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 10:40 - 2015-08-25 10:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00588288 _____ () C:\Program Files (x86)\Mobile Partner\core.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00288256 _____ () C:\Program Files (x86)\Mobile Partner\sdk.dll
2016-04-10 12:29 - 2012-10-31 11:11 - 02417152 _____ () C:\Program Files (x86)\Mobile Partner\QtCore4.dll
2016-04-10 12:29 - 2012-10-31 11:33 - 09562624 _____ () C:\Program Files (x86)\Mobile Partner\QtGui4.dll
2016-04-10 12:29 - 2009-01-10 20:32 - 00011362 _____ () C:\Program Files (x86)\Mobile Partner\mingwm10.dll
2016-04-10 12:29 - 2009-06-23 04:42 - 00043008 _____ () C:\Program Files (x86)\Mobile Partner\libgcc_s_dw2-1.dll
2016-04-10 12:29 - 2012-11-23 08:12 - 00407040 _____ () C:\Program Files (x86)\Mobile Partner\Proxy.DLL
2016-04-10 12:29 - 2012-11-23 08:12 - 00158208 _____ () C:\Program Files (x86)\Mobile Partner\Trace.dll
2016-04-10 12:29 - 2012-11-23 08:12 - 00628224 _____ () C:\Program Files (x86)\Mobile Partner\Common.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00583168 _____ () C:\Program Files (x86)\Mobile Partner\PluginContainer.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00646144 _____ () C:\Program Files (x86)\Mobile Partner\AtCodec.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00729088 _____ () C:\Program Files (x86)\Mobile Partner\DeviceSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00195584 _____ () C:\Program Files (x86)\Mobile Partner\XCodec.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00247296 _____ () C:\Program Files (x86)\Mobile Partner\NetSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00166400 _____ () C:\Program Files (x86)\Mobile Partner\OSDialup.dll
2016-04-10 12:29 - 2012-11-23 08:12 - 00155136 _____ () C:\Program Files (x86)\Mobile Partner\DataServicePlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00177152 _____ () C:\Program Files (x86)\Mobile Partner\CallSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00672768 _____ () C:\Program Files (x86)\Mobile Partner\AddrBookSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00219648 _____ () C:\Program Files (x86)\Mobile Partner\SmsSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00142336 _____ () C:\Program Files (x86)\Mobile Partner\USSDSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00157184 _____ () C:\Program Files (x86)\Mobile Partner\STKSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00730624 _____ () C:\Program Files (x86)\Mobile Partner\DeviceAppPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00065536 _____ () C:\Program Files (x86)\Mobile Partner\OSPowerMgr.dll
2016-04-10 12:29 - 2012-06-06 03:22 - 00155648 _____ () C:\Program Files (x86)\Mobile Partner\Win7Support.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 01124352 _____ () C:\Program Files (x86)\Mobile Partner\AddrBookPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00704000 _____ () C:\Program Files (x86)\Mobile Partner\SmsAppPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00187392 _____ () C:\Program Files (x86)\Mobile Partner\CallAppPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00569344 _____ () C:\Program Files (x86)\Mobile Partner\CallLogSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:12 - 00158720 _____ () C:\Program Files (x86)\Mobile Partner\NetConnectSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00236032 _____ () C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00102400 _____ () C:\Program Files (x86)\Mobile Partner\OSAdapt.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00201216 _____ () C:\Program Files (x86)\Mobile Partner\NDISPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00131584 _____ () C:\Program Files (x86)\Mobile Partner\OSNDIS.dll
2016-04-10 12:29 - 2012-07-27 08:53 - 01114112 _____ () C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00702464 _____ () C:\Program Files (x86)\Mobile Partner\NetInfoSrvPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00062976 _____ () C:\Program Files (x86)\Mobile Partner\OSCall.dll
2016-04-10 12:29 - 2012-06-06 03:22 - 00224256 _____ () C:\Program Files (x86)\Mobile Partner\tdpcvoice.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00581120 _____ () C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
2016-04-10 12:29 - 2012-10-31 11:11 - 00398336 _____ () C:\Program Files (x86)\Mobile Partner\QtXml4.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00168960 _____ () C:\Program Files (x86)\Mobile Partner\ATR2SMgr.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00270848 _____ () C:\Program Files (x86)\Mobile Partner\XFramePlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00323584 _____ () C:\Program Files (x86)\Mobile Partner\StatusBarMgrPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00391168 _____ () C:\Program Files (x86)\Mobile Partner\NetConnectPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00593408 _____ () C:\Program Files (x86)\Mobile Partner\DialupUIPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00097792 _____ () C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00117248 _____ () C:\Program Files (x86)\Mobile Partner\LayoutPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00119296 _____ () C:\Program Files (x86)\Mobile Partner\ConnectMgrUIPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00330752 _____ () C:\Program Files (x86)\Mobile Partner\MenuMgrPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00302592 _____ () C:\Program Files (x86)\Mobile Partner\DiagnosisPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00493568 _____ () C:\Program Files (x86)\Mobile Partner\NetInfoUIExPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00854528 _____ () C:\Program Files (x86)\Mobile Partner\SMSUIPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:13 - 00818688 _____ () C:\Program Files (x86)\Mobile Partner\AddrBookUIPlugin.dll
2016-04-10 12:29 - 2012-11-23 08:14 - 00219648 _____ () C:\Program Files (x86)\Mobile Partner\ToolBarMgrPlugin.dll
2016-04-10 12:29 - 2012-11-12 05:48 - 00694272 _____ () C:\Program Files (x86)\Mobile Partner\LiveUpdateInterface.DLL
2016-04-10 12:29 - 2012-10-31 11:14 - 01148416 _____ () C:\Program Files (x86)\Mobile Partner\QtNetwork4.dll
2016-04-10 12:29 - 2012-11-01 14:10 - 00082944 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qgif4.dll
2016-04-10 12:29 - 2012-11-01 14:10 - 00081920 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qico4.dll
2016-04-10 12:29 - 2012-11-01 14:10 - 00192000 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qjpeg4.dll
2016-04-10 12:29 - 2012-11-01 14:10 - 00350720 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qmng4.dll
2016-04-10 12:29 - 2012-11-01 14:10 - 00370176 _____ () C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qtiff4.dll
2015-10-05 06:33 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-06 15:15 - 2016-08-06 15:15 - 00679624 _____ () C:\Users\Gabriel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
2014-09-11 17:06 - 2014-09-11 17:06 - 00878592 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 00036352 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
2014-09-11 17:06 - 2014-09-11 17:06 - 00038912 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00032256 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qdds.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00027648 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 00021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00381952 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjp2.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 00204800 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00218112 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll
2014-09-11 17:08 - 2014-09-11 17:08 - 00015872 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 00015360 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 00307712 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 00014848 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 00252928 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll
2016-05-24 18:58 - 2016-05-24 18:57 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2016-06-21 19:13 - 2016-06-21 19:13 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-08-07 02:09 - 2015-08-07 02:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-08-21 18:15 - 2016-08-09 12:13 - 67856856 _____ () C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.dll
2016-08-21 18:15 - 2016-08-09 12:13 - 02182616 _____ () C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\libglesv2.dll
2016-08-21 18:15 - 2016-08-09 12:13 - 00084952 _____ () C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\libegl.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gabriel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{066b7c19-57db-4eb6-952d-4f257ecdbf4d}.jpg
DNS Servers: 212.242.39.189 - 212.242.40.51
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9BBCCEEA-85D6-4C17-8FD8-11817D1CD8BD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{8D060BCE-42C1-4F9F-8801-61620607EDD8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{BF55FD43-C78B-4D1A-8341-26D132CC0D10}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{F3D9AA9C-5308-4804-BB36-8351E84A637F}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{759E7531-5BF6-44A5-A14E-CA2CBE97227B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{CC704F57-6AED-468C-90B9-9E87C97444BA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{3A3225B9-BAAD-406F-8C14-ACE0AE9638BC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{9AC0C6D7-F8C3-4BF5-8572-27624B748DD8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{BD90FCA6-B22C-4F55-9FF5-CF03519EC4D5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{D25A8EE1-3965-4708-A9DB-78D93EB9ED07}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{2107CC3E-86C2-4DBB-81B4-5E202E04B48F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{997E5C4D-F475-4989-BBDA-421E55F9DDCB}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{9443284D-F6B2-4D3C-9BA1-BCDEA0A98E98}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{6AF83D4F-0AF2-40B6-A2A1-208296B74F99}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{F08BAE93-4005-429B-A006-633D72D150FB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{EE86A185-8DEA-4FCE-8A3D-9B3AAFF4EDD8}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{E311F7F5-C2F4-4D85-94F4-3302A89D340A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{98F487E4-99CB-451B-A195-7984AB20294A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{969E743A-89F2-4B35-8513-683360078FD3}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{507367AE-F388-4D1E-9593-21BE0528A827}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
==================== Restore Points =========================
19-08-2016 19:07:39 Scheduled Checkpoint
28-08-2016 09:56:37 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/04/2016 03:25:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x2138
Čas spustenia chybujúcej aplikácie: 0x01d206afbdd3d44a
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: d90564c4-12b8-477c-82e1-b2833196a2fe
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 02:25:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x61c
Čas spustenia chybujúcej aplikácie: 0x01d206a75c15b511
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 3b6733df-26bd-48a3-a398-f962146a961d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 02:09:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x265c
Čas spustenia chybujúcej aplikácie: 0x01d206a52ec980d0
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 1e41f077-cb1e-40a1-8a30-9e5a4681e7ac
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 02:08:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0xbac
Čas spustenia chybujúcej aplikácie: 0x01d206a4ff45ac4a
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 8766514a-1ac7-4b4e-9a18-f275b984c591
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 02:00:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x28d0
Čas spustenia chybujúcej aplikácie: 0x01d206a3ed105c74
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: a34a1763-d677-4652-9d04-20dd33b06b5d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 01:45:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x1954
Čas spustenia chybujúcej aplikácie: 0x01d206a1cf5df291
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 0d77178b-40ed-4734-8c44-170663ab95cf
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 01:09:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0xaa4
Čas spustenia chybujúcej aplikácie: 0x01d2069ccd058f63
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 28011b0c-ba99-42a2-ac83-c93dd3dffca3
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 01:08:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x4fc
Čas spustenia chybujúcej aplikácie: 0x01d2069c9d81bec6
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: fffbb1d8-02ce-4669-a5a9-26424de1fe9d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 01:00:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x2b3c
Čas spustenia chybujúcej aplikácie: 0x01d2069b8b4b5ab9
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 0c4dff38-c053-4d4d-8d4b-bd78cc982055
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (09/04/2016 12:51:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: UpdateChecker.exe, verzia: 0.0.0.0, časová značka: 0x559e27a7
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.0, časová značka: 0x57898d9d
Kód výnimky: 0xc0000374
Odstup chyby: 0x000d9841
Identifikácia chybujúceho procesu: 0x2dc4
Čas spustenia chybujúcej aplikácie: 0x01d2069987dcaa7b
Cesta chybujúcej aplikácie: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 9e979226-3b68-468f-93f5-06d5556a215a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
System errors:
=============
Error: (09/04/2016 02:20:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/04/2016 02:20:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/04/2016 02:20:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/04/2016 02:19:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Mobile Partner. RunOuc zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (09/04/2016 02:19:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Mobile Partner. RunOuc bol dosiahnutý časový limit (30000 ms).
Error: (09/04/2016 02:19:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Kingsoft_WPS_UpdateService zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (09/04/2016 02:19:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Kingsoft_WPS_UpdateService bol dosiahnutý časový limit (30000 ms).
Error: (09/04/2016 02:18:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Security Assist sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (09/04/2016 02:18:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (09/04/2016 02:18:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GamesAppIntegrationService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
CodeIntegrity:
===================================
Date: 2016-08-14 12:05:12.967
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 35%
Total physical RAM: 8094.39 MB
Available physical RAM: 5224.66 MB
Total Virtual: 9374.39 MB
Available Virtual: 6153.05 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:246.85 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:536.32 GB) NTFS
Drive e: (Mobile Partner) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9764D089)
Partition: GPT.
==================== End of Addition.txt ============================
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a preventive check
This is only the Additional log. I also need the FRST log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Request for a preventive check
Sorry, I got a little lost in it.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Gabriel (administrator) on DESKTOP-MRARMTK (04-09-2016 15:34:21)
Running from C:\Users\Gabriel\Desktop
Loaded Profiles: Gabriel (Available Profiles: Gabriel)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Windows\SysWOW64\spdsvc.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Emotiplus) C:\Users\Gabriel\AppData\Local\Emotiplus\Emotiplus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser_crashreporter.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSPanel.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(forum.viry.cz) C:\Users\Gabriel\AppData\Local\Temp\scoped_dir10120_20849\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9103976 2016-08-21] (AVAST Software)
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2093856 2016-07-18] (TomTom)
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\Run: [EmotiplusHelper] => C:\Users\Gabriel\AppData\Local\EmotiplusHelper\EmotiplusHelper.exe [136088 2016-09-02] (Emotiplus)
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\MountPoints2: {7cf8fa22-ff30-11e5-9bd7-28c2ddb4cec1} - "E:\AutoRun.exe"
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\MountPoints2: {7ebc61f7-5a83-11e6-ab20-b95b033c174b} - "E:\AutoRun.exe"
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\MountPoints2: {febce79b-5ccf-11e6-9be8-f832e4d27fc7} - "E:\AutoRun.exe"
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-21] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-10-05]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
Startup: C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Emotiplus.lnk [2016-07-03]
ShortcutTarget: Emotiplus.lnk -> C:\Users\Gabriel\AppData\Local\Emotiplus\Emotiplus.exe (Emotiplus)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{470c5344-817a-4a66-b016-e307bb6e90be}: [DhcpNameServer] 192.168.56.1
Tcpip\..\Interfaces\{6943eecd-6be0-4240-b084-ce0110f9714c}: [NameServer] 212.242.39.189 212.242.40.51
Tcpip\..\Interfaces\{75aa0816-02d0-4cc0-bdbb-21c3ea8f96ce}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{c920f93b-015e-493c-a5e6-a503a8db64da}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d064c0ec-5ca3-4bb7-aa9a-9231df964ef7}: [NameServer] 212.242.39.189 212.242.40.51
Tcpip\..\Interfaces\{ec61283b-06e1-492b-bd30-5a7dae9ad891}: [NameServer] 212.242.39.189 212.242.40.51
Internet Explorer:
==================
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-21]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-21]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Opera:
=======
OPR StartupUrls: "hxxp://www.sme.sk/"
OPR Session Restore: -> is enabled.
OPR Extension: (AdBlock) - C:\Users\Gabriel\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-04-10]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [File not signed]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-21] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-08-21] (AVAST Software)
R2 esifsvc; C:\Windows\SysWoW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370088 2015-08-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [491328 2015-11-05] ()
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-21] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-21] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [453192 2016-08-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-08-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-21] (AVAST Software)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-04-10] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-21] (AVAST Software)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50696 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R3 huawei_wwanecm; C:\Windows\System32\drivers\ew_juwwanecm.sys [241152 2012-12-03] (Huawei Technologies Co., Ltd.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-04 15:34 - 2016-09-04 15:34 - 00017087 _____ C:\Users\Gabriel\Desktop\FRST.txt
2016-09-04 15:34 - 2016-09-04 15:34 - 00000000 ____D C:\FRST
2016-09-04 15:33 - 2016-09-04 15:33 - 00112640 _____ (forum.viry.cz) C:\Users\Gabriel\Desktop\FRSTLauncher.exe
2016-09-04 15:31 - 2016-09-04 15:33 - 02397696 _____ (Farbar) C:\Users\Gabriel\Desktop\FRST64.exe
2016-09-04 15:07 - 2016-09-04 15:28 - 76021294 _____ C:\Users\Gabriel\Downloads\vl_720P_1051.0k_57236081.mp4
2016-09-04 15:07 - 2016-09-04 15:21 - 22384033 _____ C:\Users\Gabriel\Downloads\vl_480_681k_38020071.mp4
2016-09-04 15:04 - 2016-09-04 15:28 - 64981606 _____ C:\Users\Gabriel\Downloads\vl_720_1146k_57715081.mp4
2016-09-04 15:03 - 2016-09-04 15:17 - 54821439 _____ C:\Users\Gabriel\Downloads\480P_600K_69123391.mp4
2016-09-04 14:19 - 2016-09-04 14:19 - 00258752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-04 13:53 - 2016-09-04 14:13 - 185166231 _____ C:\Users\Gabriel\Downloads\vl_720_1130k_55859501.mp4
2016-09-04 10:11 - 2016-09-04 10:11 - 00000000 ____D C:\rsit
2016-09-04 10:11 - 2016-09-04 10:11 - 00000000 ____D C:\Program Files\trend micro
2016-09-03 13:22 - 2016-09-03 13:22 - 17864141 _____ C:\Users\Gabriel\Downloads\xvideos.com_7381de576b886b5f6ce6f8f9842240d0.mp4
2016-09-03 13:16 - 2016-09-03 13:16 - 42279563 _____ C:\Users\Gabriel\Downloads\xvideos.com_19cba99ecb49afc21e769efabf2a011e-1.mp4
2016-09-03 13:09 - 2016-09-03 13:09 - 20242334 _____ C:\Users\Gabriel\Downloads\xvideos.com_11b1dfbeacae0e84f9af794b1ab69041-2.mp4
2016-09-03 13:08 - 2016-09-03 13:09 - 37789071 _____ C:\Users\Gabriel\Downloads\xvideos.com_91857f9c5f526c7cbe4492e1d4ed296b.mp4
2016-09-03 13:07 - 2016-09-03 13:09 - 75915302 _____ C:\Users\Gabriel\Downloads\xvideos.com_e2b83e066eb94cdff1d25695572d7632.mp4
2016-09-03 13:07 - 2016-09-03 13:08 - 18978971 _____ C:\Users\Gabriel\Downloads\xvideos.com_38402d39a96c8801e3797163cde332d4.mp4
2016-09-03 10:46 - 2016-09-03 10:46 - 00000000 ____D C:\Users\Gabriel\Downloads\1136022964
2016-09-03 10:45 - 2016-09-03 10:45 - 00057470 _____ C:\Users\Gabriel\Downloads\1136022964.zip
2016-09-02 22:57 - 2016-09-02 22:57 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Emotiplus
2016-09-02 18:00 - 2016-09-02 18:02 - 06927667 _____ C:\Users\Gabriel\Downloads\vl_240P_300.0k_84140.mp4
2016-09-02 18:00 - 2016-09-02 18:02 - 06703656 _____ C:\Users\Gabriel\Downloads\vl_240P_299.0k_88718.mp4
2016-09-02 18:00 - 2016-09-02 18:01 - 04111325 _____ C:\Users\Gabriel\Downloads\_293.0k_96441.mp4
2016-09-02 17:59 - 2016-09-02 18:05 - 31811808 _____ C:\Users\Gabriel\Downloads\480P_426K_264704.mp4
2016-09-02 17:52 - 2016-09-02 17:54 - 09419881 _____ C:\Users\Gabriel\Downloads\480P_600K_84916511.mp4
2016-09-02 17:50 - 2016-09-02 17:53 - 10153757 _____ C:\Users\Gabriel\Downloads\240P_400K_66821911.mp4
2016-09-02 17:49 - 2016-09-02 17:53 - 13751678 _____ C:\Users\Gabriel\Downloads\vl_240P_248.0k_58265111.mp4
2016-09-02 17:36 - 2016-09-02 17:59 - 98164751 _____ C:\Users\Gabriel\Downloads\480P_600K_75576741.mp4
2016-09-02 17:35 - 2016-09-02 17:38 - 20020142 _____ C:\Users\Gabriel\Downloads\vl_480_724k_18832262.mp4
2016-09-02 17:32 - 2016-09-02 17:37 - 47402042 _____ C:\Users\Gabriel\Downloads\vl_720P_1061.0k_46812492.mp4
2016-09-02 17:31 - 2016-09-02 17:40 - 69942351 _____ C:\Users\Gabriel\Downloads\vl_720_776k_48935791.mp4
2016-09-02 15:04 - 2016-09-02 15:04 - 00000000 ____D C:\Users\Gabriel\Downloads\vicky5mesiacovatvrplusrozlkazoslobodoumaja
2016-08-31 10:48 - 2016-08-31 10:48 - 00692768 _____ C:\Users\Gabriel\Downloads\topaz.pdf
2016-08-27 23:38 - 2016-08-27 23:38 - 00000000 ____D C:\Users\Public\Documents\ASUS_Hipost
2016-08-27 16:57 - 2016-08-27 16:57 - 03133810 _____ C:\Users\Gabriel\Downloads\navod-na-pouzitie-HRX-426-C.pdf
2016-08-27 16:56 - 2016-08-27 16:56 - 00405216 _____ C:\Users\Gabriel\Downloads\1SEK5003-honda_gxv160_sk.pdf
2016-08-27 13:44 - 2016-08-27 13:44 - 00003554 _____ C:\Users\Gabriel\Desktop\Rkill.txt
2016-08-21 20:19 - 2016-08-21 20:19 - 00000000 ____D C:\Users\Gabriel\Downloads\vselico
2016-08-21 20:18 - 2016-08-21 20:19 - 10533444 _____ C:\Users\Gabriel\Downloads\vselico.zip
2016-08-21 18:14 - 2016-08-21 18:14 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-08-21 18:14 - 2016-08-21 18:14 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-08-21 15:04 - 2016-08-21 15:04 - 00769638 _____ C:\Users\Gabriel\Downloads\534697_karta_nemovitosti.pdf
2016-08-21 11:08 - 2016-08-21 11:09 - 29473274 _____ C:\Users\Gabriel\Downloads\7pdf.pdf
2016-08-20 15:03 - 2016-08-20 15:03 - 19614502 _____ C:\Users\Gabriel\Downloads\SaS_OLANO_Kalinoviny_final_I_internal.pdf
2016-08-20 14:51 - 2016-08-20 14:51 - 00000000 ____D C:\Users\Gabriel\Downloads\fotky
2016-08-20 14:50 - 2016-08-20 14:50 - 05400520 _____ C:\Users\Gabriel\Downloads\fotky.zip
2016-08-18 14:42 - 2016-08-18 14:42 - 00120972 _____ C:\Users\Gabriel\Desktop\Ticket.pdf
2016-08-18 14:32 - 2016-08-18 14:32 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-08-18 14:32 - 2016-08-18 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5100 series
2016-08-18 14:32 - 2010-03-18 19:26 - 00348672 _____ (CANON INC.) C:\WINDOWS\system32\CNC5100L.dll
2016-08-18 14:32 - 2010-03-18 19:25 - 00307200 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC5100L.dll
2016-08-18 14:32 - 2010-03-18 17:13 - 01354240 _____ (CANON INC.) C:\WINDOWS\system32\CNC5100C.dll
2016-08-18 14:32 - 2010-03-18 17:13 - 00112128 _____ (CANON INC.) C:\WINDOWS\system32\CNC5100I.dll
2016-08-18 14:32 - 2010-03-18 17:11 - 00106496 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC5100U.dll
2016-08-18 14:32 - 2009-11-17 15:17 - 00012800 _____ C:\WINDOWS\SysWOW64\CNC1748D.TBL
2016-08-18 14:32 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll
2016-08-18 14:32 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2016-08-18 14:31 - 2016-08-18 14:31 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-08-18 14:30 - 2010-08-25 05:00 - 00361472 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMAD.DLL
2016-08-17 21:00 - 2016-08-17 21:00 - 08227032 _____ (Piriform Ltd) C:\Users\Gabriel\Downloads\ccsetup521.exe
2016-08-16 21:25 - 2016-08-16 21:27 - 26506197 _____ C:\Users\Gabriel\Downloads\Mackyyyyyy.mp4
2016-08-16 21:18 - 2016-08-16 21:18 - 00784043 _____ C:\Users\Gabriel\Downloads\ucebnicovy skok.mp4
2016-08-14 18:01 - 2016-08-14 18:01 - 04117216 _____ (Husdawg, LLC) C:\Users\Gabriel\Downloads\Detection.exe
2016-08-13 23:45 - 2016-08-13 23:42 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-08-12 20:02 - 2016-08-12 21:13 - 00024404 _____ C:\Users\Gabriel\Desktop\užofka.odt
2016-08-07 14:20 - 2016-08-07 14:20 - 00024320 _____ C:\Users\Gabriel\Documents\cc_20160807_142004.reg
2016-08-06 15:14 - 2016-08-06 15:14 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-06 15:12 - 2016-08-06 21:42 - 00000000 ____D C:\Users\Gabriel\AppData\Local\ConnectedDevicesPlatform
2016-08-06 15:12 - 2016-08-06 15:12 - 00000020 ___SH C:\Users\Gabriel\ntuser.ini
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-04 15:29 - 2016-08-04 21:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-04 14:20 - 2016-08-04 21:42 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-04 14:20 - 2016-05-01 15:28 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-09-04 14:20 - 2016-04-10 12:27 - 00000165 _____ C:\Users\Gabriel\AppData\Roaming\sp_data.sys
2016-09-04 14:20 - 2015-12-15 19:01 - 00000000 __SHD C:\Users\Gabriel\IntelGraphicsProfiles
2016-09-04 14:19 - 2016-08-04 22:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-04 14:18 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-04 14:18 - 2015-12-21 18:13 - 00000000 ____D C:\AdwCleaner
2016-09-04 12:49 - 2016-08-04 22:00 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-09-04 12:49 - 2016-08-04 22:00 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-09-04 00:09 - 2016-08-04 21:48 - 00000000 ____D C:\Users\Gabriel
2016-09-03 21:42 - 2016-04-10 16:29 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Skype
2016-09-03 16:59 - 2016-06-05 17:52 - 00000093 _____ C:\Users\Gabriel\Desktop\Nový textový dokument.txt
2016-09-02 15:24 - 2016-01-05 20:08 - 00000000 ____D C:\Users\Gabriel\Downloads\lla
2016-09-02 12:27 - 2016-08-04 22:00 - 00004252 _____ C:\WINDOWS\System32\Tasks\avast! SL Update
2016-09-02 12:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-29 21:27 - 2016-04-10 16:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-29 21:27 - 2016-04-10 16:28 - 00000000 ____D C:\ProgramData\Skype
2016-08-28 17:18 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-28 17:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-28 16:35 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-27 23:34 - 2015-12-25 23:40 - 00000000 ____D C:\Users\Gabriel\Desktop\bezpecnost
2016-08-27 10:48 - 2016-07-16 09:56 - 00000000 ____D C:\Users\Gabriel\AppData\Local\game-debate
2016-08-26 18:44 - 2015-08-15 07:21 - 00968314 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-22 14:22 - 2016-05-23 07:31 - 00001274 _____ C:\Users\Gabriel\Desktop\Any Video Converter.lnk
2016-08-22 14:22 - 2016-05-23 07:31 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Anvsoft
2016-08-21 18:15 - 2016-08-04 22:00 - 00004054 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1460382171
2016-08-21 18:15 - 2016-04-11 15:42 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-21 18:14 - 2016-08-04 22:00 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-08-21 18:14 - 2016-04-14 19:00 - 00453192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2016-08-21 18:14 - 2016-04-11 15:42 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-08-18 14:32 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-08-17 21:00 - 2016-07-20 10:29 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-17 15:21 - 2016-02-29 16:02 - 00000374 _____ C:\Users\Gabriel\Desktop\cisla uctov Majka, Kajika.txt
2016-08-16 18:58 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-14 18:19 - 2016-05-01 16:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-14 18:17 - 2016-05-01 16:50 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-07 14:19 - 2016-08-04 22:38 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-07 09:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-06 21:07 - 2016-04-10 18:15 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.147051043679605
2016-08-06 21:06 - 2016-04-10 18:15 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.147051043526504
2016-08-06 17:40 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-06 15:29 - 2016-04-10 12:25 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Packages
2016-08-06 15:18 - 2016-08-04 22:00 - 00003982 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1460286364
2016-08-06 15:18 - 2016-04-10 13:06 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-06 15:18 - 2016-04-10 12:36 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-06 15:15 - 2016-04-10 12:30 - 00002375 _____ C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-06 15:15 - 2015-12-15 19:04 - 00000000 ___RD C:\Users\Gabriel\OneDrive
2016-08-06 15:12 - 2015-10-05 06:21 - 00000000 __RHD C:\Users\Public\AccountPictures
==================== Files in the root of some directories =======
2016-04-10 12:27 - 2016-09-04 14:20 - 0000165 _____ () C:\Users\Gabriel\AppData\Roaming\sp_data.sys
2016-08-04 21:43 - 2016-08-04 21:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Gabriel\AppData\Local\Temp\libeay32.dll
C:\Users\Gabriel\AppData\Local\Temp\msvcr120.dll
C:\Users\Gabriel\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Gabriel.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Gabriel.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Gabriel\Desktop" je 56 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Gabriel (administrator) on DESKTOP-MRARMTK (04-09-2016 15:34:21)
Running from C:\Users\Gabriel\Desktop
Loaded Profiles: Gabriel (Available Profiles: Gabriel)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Windows\SysWOW64\spdsvc.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Emotiplus) C:\Users\Gabriel\AppData\Local\Emotiplus\Emotiplus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser_crashreporter.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
() C:\Program Files\AVAST Software\Avast\AvastNM.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSPanel.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53_0\SZBrowser.exe
(forum.viry.cz) C:\Users\Gabriel\AppData\Local\Temp\scoped_dir10120_20849\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [63272 2015-05-31] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9103976 2016-08-21] (AVAST Software)
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2093856 2016-07-18] (TomTom)
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\Run: [EmotiplusHelper] => C:\Users\Gabriel\AppData\Local\EmotiplusHelper\EmotiplusHelper.exe [136088 2016-09-02] (Emotiplus)
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\MountPoints2: {7cf8fa22-ff30-11e5-9bd7-28c2ddb4cec1} - "E:\AutoRun.exe"
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\MountPoints2: {7ebc61f7-5a83-11e6-ab20-b95b033c174b} - "E:\AutoRun.exe"
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\MountPoints2: {febce79b-5ccf-11e6-9be8-f832e4d27fc7} - "E:\AutoRun.exe"
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-21] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-10-05]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
Startup: C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Emotiplus.lnk [2016-07-03]
ShortcutTarget: Emotiplus.lnk -> C:\Users\Gabriel\AppData\Local\Emotiplus\Emotiplus.exe (Emotiplus)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{470c5344-817a-4a66-b016-e307bb6e90be}: [DhcpNameServer] 192.168.56.1
Tcpip\..\Interfaces\{6943eecd-6be0-4240-b084-ce0110f9714c}: [NameServer] 212.242.39.189 212.242.40.51
Tcpip\..\Interfaces\{75aa0816-02d0-4cc0-bdbb-21c3ea8f96ce}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{c920f93b-015e-493c-a5e6-a503a8db64da}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d064c0ec-5ca3-4bb7-aa9a-9231df964ef7}: [NameServer] 212.242.39.189 212.242.40.51
Tcpip\..\Interfaces\{ec61283b-06e1-492b-bd30-5a7dae9ad891}: [NameServer] 212.242.39.189 212.242.40.51
Internet Explorer:
==================
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-21]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-21]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Opera:
=======
OPR StartupUrls: "hxxp://www.sme.sk/"
OPR Session Restore: -> is enabled.
OPR Extension: (AdBlock) - C:\Users\Gabriel\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-04-10]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [File not signed]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-21] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-08-21] (AVAST Software)
R2 esifsvc; C:\Windows\SysWoW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370088 2015-08-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [491328 2015-11-05] ()
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-21] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-21] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [453192 2016-08-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-08-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-21] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-21] (AVAST Software)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-04-10] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-21] (AVAST Software)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50696 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R3 huawei_wwanecm; C:\Windows\System32\drivers\ew_juwwanecm.sys [241152 2012-12-03] (Huawei Technologies Co., Ltd.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-04 15:34 - 2016-09-04 15:34 - 00017087 _____ C:\Users\Gabriel\Desktop\FRST.txt
2016-09-04 15:34 - 2016-09-04 15:34 - 00000000 ____D C:\FRST
2016-09-04 15:33 - 2016-09-04 15:33 - 00112640 _____ (forum.viry.cz) C:\Users\Gabriel\Desktop\FRSTLauncher.exe
2016-09-04 15:31 - 2016-09-04 15:33 - 02397696 _____ (Farbar) C:\Users\Gabriel\Desktop\FRST64.exe
2016-09-04 15:07 - 2016-09-04 15:28 - 76021294 _____ C:\Users\Gabriel\Downloads\vl_720P_1051.0k_57236081.mp4
2016-09-04 15:07 - 2016-09-04 15:21 - 22384033 _____ C:\Users\Gabriel\Downloads\vl_480_681k_38020071.mp4
2016-09-04 15:04 - 2016-09-04 15:28 - 64981606 _____ C:\Users\Gabriel\Downloads\vl_720_1146k_57715081.mp4
2016-09-04 15:03 - 2016-09-04 15:17 - 54821439 _____ C:\Users\Gabriel\Downloads\480P_600K_69123391.mp4
2016-09-04 14:19 - 2016-09-04 14:19 - 00258752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-04 13:53 - 2016-09-04 14:13 - 185166231 _____ C:\Users\Gabriel\Downloads\vl_720_1130k_55859501.mp4
2016-09-04 10:11 - 2016-09-04 10:11 - 00000000 ____D C:\rsit
2016-09-04 10:11 - 2016-09-04 10:11 - 00000000 ____D C:\Program Files\trend micro
2016-09-03 13:22 - 2016-09-03 13:22 - 17864141 _____ C:\Users\Gabriel\Downloads\xvideos.com_7381de576b886b5f6ce6f8f9842240d0.mp4
2016-09-03 13:16 - 2016-09-03 13:16 - 42279563 _____ C:\Users\Gabriel\Downloads\xvideos.com_19cba99ecb49afc21e769efabf2a011e-1.mp4
2016-09-03 13:09 - 2016-09-03 13:09 - 20242334 _____ C:\Users\Gabriel\Downloads\xvideos.com_11b1dfbeacae0e84f9af794b1ab69041-2.mp4
2016-09-03 13:08 - 2016-09-03 13:09 - 37789071 _____ C:\Users\Gabriel\Downloads\xvideos.com_91857f9c5f526c7cbe4492e1d4ed296b.mp4
2016-09-03 13:07 - 2016-09-03 13:09 - 75915302 _____ C:\Users\Gabriel\Downloads\xvideos.com_e2b83e066eb94cdff1d25695572d7632.mp4
2016-09-03 13:07 - 2016-09-03 13:08 - 18978971 _____ C:\Users\Gabriel\Downloads\xvideos.com_38402d39a96c8801e3797163cde332d4.mp4
2016-09-03 10:46 - 2016-09-03 10:46 - 00000000 ____D C:\Users\Gabriel\Downloads\1136022964
2016-09-03 10:45 - 2016-09-03 10:45 - 00057470 _____ C:\Users\Gabriel\Downloads\1136022964.zip
2016-09-02 22:57 - 2016-09-02 22:57 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Emotiplus
2016-09-02 18:00 - 2016-09-02 18:02 - 06927667 _____ C:\Users\Gabriel\Downloads\vl_240P_300.0k_84140.mp4
2016-09-02 18:00 - 2016-09-02 18:02 - 06703656 _____ C:\Users\Gabriel\Downloads\vl_240P_299.0k_88718.mp4
2016-09-02 18:00 - 2016-09-02 18:01 - 04111325 _____ C:\Users\Gabriel\Downloads\_293.0k_96441.mp4
2016-09-02 17:59 - 2016-09-02 18:05 - 31811808 _____ C:\Users\Gabriel\Downloads\480P_426K_264704.mp4
2016-09-02 17:52 - 2016-09-02 17:54 - 09419881 _____ C:\Users\Gabriel\Downloads\480P_600K_84916511.mp4
2016-09-02 17:50 - 2016-09-02 17:53 - 10153757 _____ C:\Users\Gabriel\Downloads\240P_400K_66821911.mp4
2016-09-02 17:49 - 2016-09-02 17:53 - 13751678 _____ C:\Users\Gabriel\Downloads\vl_240P_248.0k_58265111.mp4
2016-09-02 17:36 - 2016-09-02 17:59 - 98164751 _____ C:\Users\Gabriel\Downloads\480P_600K_75576741.mp4
2016-09-02 17:35 - 2016-09-02 17:38 - 20020142 _____ C:\Users\Gabriel\Downloads\vl_480_724k_18832262.mp4
2016-09-02 17:32 - 2016-09-02 17:37 - 47402042 _____ C:\Users\Gabriel\Downloads\vl_720P_1061.0k_46812492.mp4
2016-09-02 17:31 - 2016-09-02 17:40 - 69942351 _____ C:\Users\Gabriel\Downloads\vl_720_776k_48935791.mp4
2016-09-02 15:04 - 2016-09-02 15:04 - 00000000 ____D C:\Users\Gabriel\Downloads\vicky5mesiacovatvrplusrozlkazoslobodoumaja
2016-08-31 10:48 - 2016-08-31 10:48 - 00692768 _____ C:\Users\Gabriel\Downloads\topaz.pdf
2016-08-27 23:38 - 2016-08-27 23:38 - 00000000 ____D C:\Users\Public\Documents\ASUS_Hipost
2016-08-27 16:57 - 2016-08-27 16:57 - 03133810 _____ C:\Users\Gabriel\Downloads\navod-na-pouzitie-HRX-426-C.pdf
2016-08-27 16:56 - 2016-08-27 16:56 - 00405216 _____ C:\Users\Gabriel\Downloads\1SEK5003-honda_gxv160_sk.pdf
2016-08-27 13:44 - 2016-08-27 13:44 - 00003554 _____ C:\Users\Gabriel\Desktop\Rkill.txt
2016-08-21 20:19 - 2016-08-21 20:19 - 00000000 ____D C:\Users\Gabriel\Downloads\vselico
2016-08-21 20:18 - 2016-08-21 20:19 - 10533444 _____ C:\Users\Gabriel\Downloads\vselico.zip
2016-08-21 18:14 - 2016-08-21 18:14 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-08-21 18:14 - 2016-08-21 18:14 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-08-21 15:04 - 2016-08-21 15:04 - 00769638 _____ C:\Users\Gabriel\Downloads\534697_karta_nemovitosti.pdf
2016-08-21 11:08 - 2016-08-21 11:09 - 29473274 _____ C:\Users\Gabriel\Downloads\7pdf.pdf
2016-08-20 15:03 - 2016-08-20 15:03 - 19614502 _____ C:\Users\Gabriel\Downloads\SaS_OLANO_Kalinoviny_final_I_internal.pdf
2016-08-20 14:51 - 2016-08-20 14:51 - 00000000 ____D C:\Users\Gabriel\Downloads\fotky
2016-08-20 14:50 - 2016-08-20 14:50 - 05400520 _____ C:\Users\Gabriel\Downloads\fotky.zip
2016-08-18 14:42 - 2016-08-18 14:42 - 00120972 _____ C:\Users\Gabriel\Desktop\Ticket.pdf
2016-08-18 14:32 - 2016-08-18 14:32 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-08-18 14:32 - 2016-08-18 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5100 series
2016-08-18 14:32 - 2010-03-18 19:26 - 00348672 _____ (CANON INC.) C:\WINDOWS\system32\CNC5100L.dll
2016-08-18 14:32 - 2010-03-18 19:25 - 00307200 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC5100L.dll
2016-08-18 14:32 - 2010-03-18 17:13 - 01354240 _____ (CANON INC.) C:\WINDOWS\system32\CNC5100C.dll
2016-08-18 14:32 - 2010-03-18 17:13 - 00112128 _____ (CANON INC.) C:\WINDOWS\system32\CNC5100I.dll
2016-08-18 14:32 - 2010-03-18 17:11 - 00106496 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC5100U.dll
2016-08-18 14:32 - 2009-11-17 15:17 - 00012800 _____ C:\WINDOWS\SysWOW64\CNC1748D.TBL
2016-08-18 14:32 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll
2016-08-18 14:32 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2016-08-18 14:31 - 2016-08-18 14:31 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-08-18 14:30 - 2010-08-25 05:00 - 00361472 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMAD.DLL
2016-08-17 21:00 - 2016-08-17 21:00 - 08227032 _____ (Piriform Ltd) C:\Users\Gabriel\Downloads\ccsetup521.exe
2016-08-16 21:25 - 2016-08-16 21:27 - 26506197 _____ C:\Users\Gabriel\Downloads\Mackyyyyyy.mp4
2016-08-16 21:18 - 2016-08-16 21:18 - 00784043 _____ C:\Users\Gabriel\Downloads\ucebnicovy skok.mp4
2016-08-14 18:01 - 2016-08-14 18:01 - 04117216 _____ (Husdawg, LLC) C:\Users\Gabriel\Downloads\Detection.exe
2016-08-13 23:45 - 2016-08-13 23:42 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-08-12 20:02 - 2016-08-12 21:13 - 00024404 _____ C:\Users\Gabriel\Desktop\užofka.odt
2016-08-07 14:20 - 2016-08-07 14:20 - 00024320 _____ C:\Users\Gabriel\Documents\cc_20160807_142004.reg
2016-08-06 15:14 - 2016-08-06 15:14 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-06 15:12 - 2016-08-06 21:42 - 00000000 ____D C:\Users\Gabriel\AppData\Local\ConnectedDevicesPlatform
2016-08-06 15:12 - 2016-08-06 15:12 - 00000020 ___SH C:\Users\Gabriel\ntuser.ini
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-04 15:29 - 2016-08-04 21:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-04 14:20 - 2016-08-04 21:42 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-04 14:20 - 2016-05-01 15:28 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-09-04 14:20 - 2016-04-10 12:27 - 00000165 _____ C:\Users\Gabriel\AppData\Roaming\sp_data.sys
2016-09-04 14:20 - 2015-12-15 19:01 - 00000000 __SHD C:\Users\Gabriel\IntelGraphicsProfiles
2016-09-04 14:19 - 2016-08-04 22:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-04 14:18 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-04 14:18 - 2015-12-21 18:13 - 00000000 ____D C:\AdwCleaner
2016-09-04 12:49 - 2016-08-04 22:00 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-09-04 12:49 - 2016-08-04 22:00 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-09-04 00:09 - 2016-08-04 21:48 - 00000000 ____D C:\Users\Gabriel
2016-09-03 21:42 - 2016-04-10 16:29 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Skype
2016-09-03 16:59 - 2016-06-05 17:52 - 00000093 _____ C:\Users\Gabriel\Desktop\Nový textový dokument.txt
2016-09-02 15:24 - 2016-01-05 20:08 - 00000000 ____D C:\Users\Gabriel\Downloads\lla
2016-09-02 12:27 - 2016-08-04 22:00 - 00004252 _____ C:\WINDOWS\System32\Tasks\avast! SL Update
2016-09-02 12:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-29 21:27 - 2016-04-10 16:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-29 21:27 - 2016-04-10 16:28 - 00000000 ____D C:\ProgramData\Skype
2016-08-28 17:18 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-28 17:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-28 16:35 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-27 23:34 - 2015-12-25 23:40 - 00000000 ____D C:\Users\Gabriel\Desktop\bezpecnost
2016-08-27 10:48 - 2016-07-16 09:56 - 00000000 ____D C:\Users\Gabriel\AppData\Local\game-debate
2016-08-26 18:44 - 2015-08-15 07:21 - 00968314 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-22 14:22 - 2016-05-23 07:31 - 00001274 _____ C:\Users\Gabriel\Desktop\Any Video Converter.lnk
2016-08-22 14:22 - 2016-05-23 07:31 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Anvsoft
2016-08-21 18:15 - 2016-08-04 22:00 - 00004054 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1460382171
2016-08-21 18:15 - 2016-04-11 15:42 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-21 18:14 - 2016-08-04 22:00 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-08-21 18:14 - 2016-04-14 19:00 - 00453192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2016-08-21 18:14 - 2016-04-11 15:42 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-08-21 18:14 - 2016-04-10 18:15 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-08-18 14:32 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-08-17 21:00 - 2016-07-20 10:29 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-17 15:21 - 2016-02-29 16:02 - 00000374 _____ C:\Users\Gabriel\Desktop\cisla uctov Majka, Kajika.txt
2016-08-16 18:58 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-14 18:19 - 2016-05-01 16:50 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-14 18:17 - 2016-05-01 16:50 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-07 14:19 - 2016-08-04 22:38 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-07 09:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-06 21:07 - 2016-04-10 18:15 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.147051043679605
2016-08-06 21:06 - 2016-04-10 18:15 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.147051043526504
2016-08-06 17:40 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-06 15:29 - 2016-04-10 12:25 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Packages
2016-08-06 15:18 - 2016-08-04 22:00 - 00003982 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1460286364
2016-08-06 15:18 - 2016-04-10 13:06 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-06 15:18 - 2016-04-10 12:36 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-06 15:15 - 2016-04-10 12:30 - 00002375 _____ C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-06 15:15 - 2015-12-15 19:04 - 00000000 ___RD C:\Users\Gabriel\OneDrive
2016-08-06 15:12 - 2015-10-05 06:21 - 00000000 __RHD C:\Users\Public\AccountPictures
==================== Files in the root of some directories =======
2016-04-10 12:27 - 2016-09-04 14:20 - 0000165 _____ () C:\Users\Gabriel\AppData\Roaming\sp_data.sys
2016-08-04 21:43 - 2016-08-04 21:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Gabriel\AppData\Local\Temp\libeay32.dll
C:\Users\Gabriel\AppData\Local\Temp\msvcr120.dll
C:\Users\Gabriel\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Gabriel.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Gabriel.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Gabriel\Desktop" je 56 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Requesting a preventive check
Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\MountPoints2: {7cf8fa22-ff30-11e5-9bd7-28c2ddb4cec1} - "E:\AutoRun.exe"
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\MountPoints2: {7ebc61f7-5a83-11e6-ab20-b95b033c174b} - "E:\AutoRun.exe"
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\MountPoints2: {febce79b-5ccf-11e6-9be8-f832e4d27fc7} - "E:\AutoRun.exe"
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\Gabriel\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Requesting a preventive check
Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Gabriel (04-09-2016 18:17:24) Run:1
Running from C:\Users\Gabriel\Desktop
Loaded Profiles: Gabriel (Available Profiles: Gabriel)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\MountPoints2: {7cf8fa22-ff30-11e5-9bd7-28c2ddb4cec1} - "E:\AutoRun.exe"
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\MountPoints2: {7ebc61f7-5a83-11e6-ab20-b95b033c174b} - "E:\AutoRun.exe"
HKU\S-1-5-21-129436727-2950081787-1452109107-1001\...\MountPoints2: {febce79b-5ccf-11e6-9be8-f832e4d27fc7} - "E:\AutoRun.exe"
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\Gabriel\AppData\Local\Temp
End
*****************
"HKU\S-1-5-21-129436727-2950081787-1452109107-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7cf8fa22-ff30-11e5-9bd7-28c2ddb4cec1}" => key removed successfully
HKCR\CLSID\{7cf8fa22-ff30-11e5-9bd7-28c2ddb4cec1} => key not found.
"HKU\S-1-5-21-129436727-2950081787-1452109107-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ebc61f7-5a83-11e6-ab20-b95b033c174b}" => key removed successfully
HKCR\CLSID\{7ebc61f7-5a83-11e6-ab20-b95b033c174b} => key not found.
"HKU\S-1-5-21-129436727-2950081787-1452109107-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{febce79b-5ccf-11e6-9be8-f832e4d27fc7}" => key removed successfully
HKCR\CLSID\{febce79b-5ccf-11e6-9be8-f832e4d27fc7} => key not found.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"C:\Users\Gabriel\AppData\Local\Temp" folder move:
Could not move "C:\Users\Gabriel\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-09-2016 18:19:52)
C:\Users\Gabriel\AppData\Local\Temp => moved successfully
==== End of Fixlog 18:19:54 ====
- Rudy
- Site Admin

Re: Requesting a preventive check
Deleted; the log should be OK now.
Re: Requesting a preventive check
Many thanks, Rudy!
- Rudy
- Site Admin

Re: Requesting a preventive check
You're welcome!