Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-04-2016
Ran by okay (2016-04-15 22:50:20)
Running from C:\Users\okay\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-26 03:04:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3044859911-559667449-1221356402-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3044859911-559667449-1221356402-503 - Limited - Disabled)
Guest (S-1-5-21-3044859911-559667449-1221356402-501 - Limited - Disabled)
okay (S-1-5-21-3044859911-559667449-1221356402-1001 - Administrator - Enabled) => C:\Users\okay
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3044859911-559667449-1221356402-1001\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.)
Adobe Reader XI (11.0.15) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.15 - Adobe Systems Incorporated)
ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.5 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.105 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
ContentPush (HKLM-x32\...\ContentPush) (Version: - )
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
EPSON SX230 Series Printer Uninstall (HKLM\...\EPSON SX230 Series) (Version: - SEIKO EPSON Corporation)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4300 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Invoice [v 1.06 (build 124] (HKLM-x32\...\HDsoftInvoice_is1) (Version: - )
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
NVIDIA Graphics Driver 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 353.84 (Version: 353.84 - NVIDIA Corporation) Hidden
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1050.0 - Passmark Software)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Ragnarok Online 2 (HKLM-x32\...\{1C8B2359-127E-490C-8F0B-CDA75F3C0126}) (Version: 2.5.9 - Gravity Interactive, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Reborn Full Client 2014-02-28 version 1 (HKLM-x32\...\Reborn Full Client 2014-02-28_is1) (Version: 1 - )
SafeZone Stable 1.48.2066.44 (x32 Version: 1.48.2066.44 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 Language Pack (KB2817427) 64-Bit Edition (Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3044859911-559667449-1221356402-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\okay\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0508F4AF-2282-46ED-904B-FCEFFF844393} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-14] (Microsoft Corporation)
Task: {094ECDA1-232C-4745-98EE-DF9E12A23C2E} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2015-04-29] (AVAST Software)
Task: {096F95EA-B753-4A2A-AD6E-6D726C85BAAF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {0CDF5453-1B1B-42BF-9FD8-F770CCF6799D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-24] (Google Inc.)
Task: {1DB424F7-10FF-4E7B-BDF8-618DBD419A88} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {1DC714E7-B24E-447F-A5A1-A5DBECB6F80C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-23] (Dropbox, Inc.)
Task: {33142D38-6409-462F-B414-5A74393D6490} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {39246BB3-4E01-4886-ADEF-12B24EFFA06B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {56D09039-9C11-4B39-93F5-1345B5E4A4AD} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS)
Task: {5F9068FE-6597-453C-B896-163D3B941669} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-30] (Realtek Semiconductor)
Task: {6B1D6649-D402-4711-B96B-9F784D8251E0} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-30] (Realtek Semiconductor)
Task: {6E497C7A-D5CF-4070-88D2-6E4AD9548091} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {78863035-668E-4313-B79C-CBDE9FE0BA8C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-01] (AVAST Software)
Task: {80DE2849-8A6E-4533-A335-4EFDA5EF6426} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {88257B9A-2551-484B-91CC-3F592EA14E35} - System32\Tasks\SafeZone scheduled Autoupdate 1456849394 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software)
Task: {8860A5BE-D63F-4090-82E2-86EBDE7D1871} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {8CBD0842-4C29-4159-917E-32BB1825C338} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-HC7INKD-okay DESKTOP-HC7INKD => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {91A8794B-4A69-4701-BDB7-7282CB9EB58E} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2016-01-31] ()
Task: {9A05F3E6-4AFA-49D4-AE73-1F91E4EFFA6A} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {A431A51F-6E9A-42BD-8E03-150B27D3F224} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-08-12] (ASUSTeK Computer Inc.)
Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {C2AD6D18-C76A-4F87-8762-8DBF35BB397C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {D48951C9-B566-4F4C-87BF-01E34AF62A94} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-08-12] ()
Task: {E060F919-7AA2-476A-A341-C8DB5544BB45} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {EB76AB6B-39A9-43F7-8143-0B0EE8125681} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {ECB16448-3E63-464C-A727-84CE9EC28FE0} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-23] (Dropbox, Inc.)
Task: {F3F4D75D-27FA-451C-9E4B-79D3C17396D3} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {FAD92383-3E2F-4CA9-81A4-F96F712B281D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-24] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-26 04:45 - 2015-08-07 19:18 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-11-19 10:33 - 2015-04-29 19:04 - 00445240 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-04-13 00:18 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-23 13:23 - 2016-01-23 13:23 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-24 13:31 - 2015-12-24 13:31 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-04-13 00:18 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-01-23 17:05 - 2014-01-23 17:05 - 08878248 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-12-26 04:37 - 2015-12-26 04:37 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 00:16 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-13 00:18 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 00:17 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 00:18 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 00:18 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-16 18:06 - 2016-03-16 18:06 - 46344704 _____ () C:\Program Files (x86)\ContentPush\app\bin\nw.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 02100064 _____ () C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
2016-04-11 22:56 - 2016-04-06 04:12 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-11 22:56 - 2016-04-06 04:12 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2016-04-11 22:30 - 2016-04-08 13:53 - 31407296 _____ () C:\Users\okay\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll
2016-03-01 00:25 - 2016-03-01 00:25 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-03-01 00:25 - 2016-03-01 00:25 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-14 23:51 - 2016-04-14 23:51 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041402\algo.dll
2016-04-14 22:55 - 2016-04-14 22:55 - 00509344 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-15 16:44 - 2016-04-15 16:44 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041500\algo.dll
2015-08-07 03:09 - 2015-08-07 03:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-25 11:40 - 2015-08-25 11:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 11:40 - 2015-08-25 11:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-01-23 13:23 - 2016-01-23 13:23 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-23 13:23 - 2016-01-23 13:23 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-11-19 10:14 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-19 10:33 - 2015-04-29 19:04 - 38561984 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2015-12-26 15:37 - 2015-12-26 15:37 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-03-16 18:06 - 2016-03-16 18:06 - 01481728 _____ () C:\Program Files (x86)\ContentPush\app\bin\libglesv2.dll
2016-03-16 18:06 - 2016-03-16 18:06 - 00073728 _____ () C:\Program Files (x86)\ContentPush\app\bin\libegl.dll
2016-03-16 18:05 - 2016-03-16 18:05 - 01681224 _____ () C:\Program Files (x86)\ContentPush\app\bin\ffmpegsumo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3044859911-559667449-1221356402-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\okay\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\bernese-mountain-dog-2880x1800.jpg
DNS Servers: 217.23.254.124 - 217.23.254.125
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3044859911-559667449-1221356402-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8D55BE22-C1E5-48C8-B7F2-6B68DFC15B15}] => (Allow) C:\Users\okay\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DE2CCA0D-EA47-4335-86DF-DAD05062FE8C}] => (Allow) C:\Users\okay\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A1213D7F-2308-4075-BA17-C40C0CCCF318}] => (Allow) C:\Users\okay\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6AEB1284-284B-430D-BBA8-C8FFFBDD25CD}] => (Allow) C:\Users\okay\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F3C1AB2F-65A1-4B0C-9A04-095663669227}] => (Allow) C:\Users\okay\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{29B3ED2B-76CE-4A58-BF9B-2A2A7C9A7290}] => (Allow) C:\Users\okay\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F8F09A70-5E26-4141-A917-038F629AA94E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9EF7F33E-E88E-4185-8C15-2F770B3B3874}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EEA32B42-785B-40F5-8E42-9634A7A01B53}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1102D9C2-6F14-4733-94E9-49163AF3F0B1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{68144BB2-E910-4767-9742-EECAAFE086AD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D9A7598E-22F9-4F98-AAA8-10944111CA87}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A77250D1-46F4-4F85-9154-9571A4BAA730}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8338D114-7BE2-4A7E-AB9D-5815278ABAD1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{49D9C1F9-6E20-419D-971E-A6D8BF8D49F5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6980127A-DA10-4EBD-8FF3-14EB8F13B9E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97817931-F5F2-4828-9246-195ED1EC06A2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{938A30D1-E864-4782-AB9F-4AE59D6F0866}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{54E73D45-9EE0-4E63-BCB5-A66B7B616A1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{99AEC2C1-8FF0-462C-87A2-E7C575CFE4C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{07D957FB-C32F-494F-A1BA-7770F3669720}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
21-03-2016 21:01:42 Installed Adobe Reader XI - Slovak.
01-04-2016 23:22:03 Scheduled Checkpoint
12-04-2016 00:22:13 Installed Ragnarok Online 2
==================== Faulty Device Manager Devices =============
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/15/2016 10:37:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: mp3towav.exe, verzia: 0.0.0.0, časová značka: 0x2a425e19
Názov chybujúceho modulu: convert.dll, verzia: 1.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x00002fd0
Identifikácia chybujúceho procesu: 0x28c0
Čas spustenia chybujúcej aplikácie: 0xmp3towav.exe0
Cesta chybujúcej aplikácie: mp3towav.exe1
Cesta chybujúceho modulu: mp3towav.exe2
Identifikácia hlásenia: mp3towav.exe3
Celé meno chybujúceho balíka: mp3towav.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: mp3towav.exe5
Error: (04/15/2016 10:35:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: mp3towav.exe, verzia: 0.0.0.0, časová značka: 0x2a425e19
Názov chybujúceho modulu: convert.dll, verzia: 1.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x00002fd0
Identifikácia chybujúceho procesu: 0x1c28
Čas spustenia chybujúcej aplikácie: 0xmp3towav.exe0
Cesta chybujúcej aplikácie: mp3towav.exe1
Cesta chybujúceho modulu: mp3towav.exe2
Identifikácia hlásenia: mp3towav.exe3
Celé meno chybujúceho balíka: mp3towav.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: mp3towav.exe5
Error: (04/15/2016 04:43:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: igfxHK.exe, verzia: 6.15.10.4331, časová značka: 0x564cc83e
Názov chybujúceho modulu: igfxHK.exe, verzia: 6.15.10.4331, časová značka: 0x564cc83e
Kód výnimky: 0xc0000409
Odstup chyby: 0x0000000000015953
Identifikácia chybujúceho procesu: 0xbf4
Čas spustenia chybujúcej aplikácie: 0xigfxHK.exe0
Cesta chybujúcej aplikácie: igfxHK.exe1
Cesta chybujúceho modulu: igfxHK.exe2
Identifikácia hlásenia: igfxHK.exe3
Celé meno chybujúceho balíka: igfxHK.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: igfxHK.exe5
Error: (04/15/2016 02:52:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (04/15/2016 02:52:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (04/15/2016 02:46:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-HC7INKD)
Description: Aktivácia aplikácie Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.
Error: (04/15/2016 02:46:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-HC7INKD)
Description: Aktivácia aplikácie Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.
Error: (04/13/2016 02:44:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: ShellExperienceHost.exe, verzia: 10.0.10586.122, časová značka: 0x56cc0133
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.10586.71, časová značka: 0x5699d8e0
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000006943bb
Identifikácia chybujúceho procesu: 0x10bc
Čas spustenia chybujúcej aplikácie: 0xShellExperienceHost.exe0
Cesta chybujúcej aplikácie: ShellExperienceHost.exe1
Cesta chybujúceho modulu: ShellExperienceHost.exe2
Identifikácia hlásenia: ShellExperienceHost.exe3
Celé meno chybujúceho balíka: ShellExperienceHost.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: ShellExperienceHost.exe5
Error: (04/13/2016 02:44:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: WINWORD.EXE, verzia: 15.0.4420.1017, časová značka: 0x506742de
Názov chybujúceho modulu: igd10iumd64.dll, verzia: 20.19.15.4331, časová značka: 0x564cd09f
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000068390
Identifikácia chybujúceho procesu: 0x1bb0
Čas spustenia chybujúcej aplikácie: 0xWINWORD.EXE0
Cesta chybujúcej aplikácie: WINWORD.EXE1
Cesta chybujúceho modulu: WINWORD.EXE2
Identifikácia hlásenia: WINWORD.EXE3
Celé meno chybujúceho balíka: WINWORD.EXE4
Identifikácia chybujúcej aplikácie vzhľadom na balík: WINWORD.EXE5
Error: (04/12/2016 08:51:12 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Rag2.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1f64
Start Time: 01d19487778fab9d
Termination Time: 4294967295
Application Path: C:\Gravity\Ragnarok Online 2\SHIPPING\Rag2.exe
Report Id: f0c4f506-007a-11e6-9be0-80a589757eec
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (04/15/2016 04:55:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (04/15/2016 04:43:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Software Protection sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 4-krát.
Error: (04/15/2016 04:43:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Software Protection sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 3-krát.
Error: (04/15/2016 02:50:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Software Protection sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 2 krát. O 300000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (04/15/2016 02:50:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Software Protection sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (04/15/2016 02:48:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Kingsoft_WPS_UpdateService zlyhalo kvôli nasledujúcej chybe:
%%1053
Error: (04/15/2016 02:48:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Kingsoft_WPS_UpdateService bol dosiahnutý časový limit (30000 ms).
Error: (04/15/2016 02:46:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {4EDD6725-7003-4120-A0BB-BBDEBA704FB7}
Error: (04/15/2016 02:46:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HC7INKD)
Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider
Error: (04/15/2016 02:46:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HC7INKD)
Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider
CodeIntegrity:
===================================
Date: 2016-04-15 14:49:35.961
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-14 23:52:41.516
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-23 18:10:17.827
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-21 20:04:47.966
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-12 13:44:20.317
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-12 09:48:50.630
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-09 18:50:56.854
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-04 22:31:01.261
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-25 22:33:14.447
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-17 16:46:16.487
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz
Percentage of memory in use: 47%
Total physical RAM: 8094.39 MB
Available physical RAM: 4215.21 MB
Total Virtual: 9374.39 MB
Available Virtual: 5141.86 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:304.11 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:515.12 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3B6F1C28)
Partition: GPT.
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Reklamy na ploche
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Reklamy na ploche
Zdravím!
Potřebuji vidět i 2. log. Toto je pouze additional.
Potřebuji vidět i 2. log. Toto je pouze additional.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?