crazylowerprice

[Magráta]

Dobrý den,
posílám log, protože mám podezření na jakousi bestii, co občas otvírá reklamy ap., když to nikdo nečeká, natož aby o to stál. V horní liště figuruje slovo crazylowerprice. McAfee včera pc vyčistil a teď hlásí vše ok. Děkuju předem, už jste mi párkrát pomohli. Tak tady je to:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Dana at 2015-05-07 16:26:29
Microsoft Windows 8.1
System drive C: has 682 GB (89%) free of 763 GB
Total RAM: 8075 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:26:44, on 7. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Dana\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Dana.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui /runkey
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Dana\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\Windows\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\Windows\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Unknown owner - C:\Windows\system32\DptfPolicyCriticalService.exe (file missing)
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Unknown owner - C:\Windows\system32\DptfPolicyLpmService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11323 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\DptfParticipantProcessorService.exe
C:\Windows\system32\DptfPolicyConfigTDPService.exe
C:\Windows\system32\DptfPolicyCriticalService.exe
C:\Windows\system32\DptfPolicyLpmService.exe
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
dashost.exe {203ab67f-d259-4176-a24b5d859167340c}
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe"
"C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe"
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\ProcessMonitor\ProcessMonitor.dll",serv
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\ProcessMonitor\ProcessMonitor.dll",serv
taskhost.exe $(Arg0)

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
taskhostex.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
KBFiltr.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\DptfPolicyLpmServiceHelper.exe"
"C:\Users\Dana\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"c:\program files\common files\mcafee\platform\mcuicnt.exe" /platui /runkey
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe" {4f939a60-8497-42bc-baec-bcd808ae6706} /pid=9652
"C:\Program Files\mcafee\VirusScan\mcods.exe"
"C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe" {ae4e98f0-d6bf-4978-b482-0c133f53f403} /pid=9652
/S
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5800.0.263453885\372468588" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,42 --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3496 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Bootstrap/ExtensionUseSafeInstallation/Enable/GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHQPAllowMatchInTLDAndSchemeR2_PostPeriod/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_13/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5800 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5800.2.658714920\1823004410" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Bootstrap/ExtensionUseSafeInstallation/Enable/GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHQPAllowMatchInTLDAndSchemeR2_PostPeriod/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_13/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5800 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5800.3.1155367825\745200292" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Bootstrap/ExtensionUseSafeInstallation/Enable/GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHQPAllowMatchInTLDAndSchemeR2_PostPeriod/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_13/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5800 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5800.4.737524071\1665707577" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5800.7.341531056\354413936" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Bootstrap/ExtensionUseSafeInstallation/Enable/GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHQPAllowMatchInTLDAndSchemeR2_PostPeriod/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_13/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5800 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5800.9.490036604\107451144" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Manual install/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Bootstrap/ExtensionUseSafeInstallation/Enable/GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHQPAllowMatchInTLDAndSchemeR2_PostPeriod/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_13/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5800 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5800.14.1538478044\837034345" /prefetch:673131151
taskeng.exe {2B56073B-270F-4009-BBE0-F7F547D42D71}
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe841_ Global\UsGthrCtrlFltPipeMssGthrPipe841 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 580 584 592 65536 588

"C:\Users\Dana\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
"DptfPolicyLpmServiceHelper"=C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [2013-09-11 111976]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-02-19 7416088]
"uTorrent"=C:\Users\Dana\AppData\Roaming\uTorrent\uTorrent.exe [2015-05-06 1694560]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2014-05-15 1080992]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [2014-02-25 63296]
"mcpltui_exe"=C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [2015-02-09 643064]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-07 16:26:29 ----D---- C:\rsit
2015-05-07 16:26:29 ----D---- C:\Program Files\trend micro
2015-05-04 13:58:06 ----D---- C:\Program Files (x86)\bIgdeaLL
2015-05-04 13:58:03 ----D---- C:\Program Files (x86)\bigdeaL
2015-05-04 13:58:00 ----D---- C:\Program Files (x86)\Use VLC for YouTube
2015-05-04 13:57:27 ----D---- C:\ProgramData\494524232423926668
2015-05-04 13:57:25 ----D---- C:\Program Files (x86)\boroowsei2bUy
2015-05-04 05:33:37 ----D---- C:\ProgramData\gifton
2015-05-02 08:52:33 ----D---- C:\Program Files (x86)\ProcessMonitor
2015-05-02 08:50:59 ----D---- C:\Program Files (x86)\Myths of the World - The Heart of Desolation Collectors Edition
2015-04-16 11:12:00 ----A---- C:\Windows\system32\drivers\HipShieldK.sys
2015-04-15 15:51:44 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-04-15 15:51:44 ----A---- C:\Windows\system32\msctf.dll
2015-04-15 15:51:16 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-04-15 15:51:16 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-04-15 15:51:16 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-04-15 15:51:16 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 15:51:16 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 15:51:16 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 15:51:16 ----A---- C:\Windows\system32\tracerpt.exe
2015-04-15 15:51:16 ----A---- C:\Windows\system32\tdh.dll
2015-04-15 15:51:16 ----A---- C:\Windows\system32\sechost.dll
2015-04-15 15:51:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 15:51:16 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 15:51:16 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 15:50:47 ----A---- C:\Windows\system32\lsm.dll
2015-04-15 15:50:20 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2015-04-15 15:50:20 ----A---- C:\Windows\system32\pku2u.dll
2015-04-15 15:49:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 15:49:57 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 15:49:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 15:49:56 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 15:49:56 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 15:49:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 15:49:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 15:49:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 15:49:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 15:49:55 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-04-15 15:49:55 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-04-15 15:49:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 15:49:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 15:49:55 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 15:49:55 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 15:49:55 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 15:49:55 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 15:49:55 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 15:49:55 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 15:49:55 ----A---- C:\Windows\system32\jscript.dll
2015-04-15 15:49:55 ----A---- C:\Windows\system32\inetcomm.dll
2015-04-15 15:49:55 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 15:49:55 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 15:49:55 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 15:49:21 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 15:48:54 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 15:48:54 ----A---- C:\Windows\system32\drivers\clfs.sys
2015-04-15 15:48:54 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 15:48:28 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 15:48:28 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 15:48:28 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 15:48:28 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 15:48:27 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 15:48:27 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 15:48:27 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 15:48:27 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 15:48:27 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 15:48:27 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 15:48:27 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 15:48:27 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 15:48:27 ----A---- C:\Windows\system32\wups.dll
2015-04-15 15:48:27 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 15:48:27 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 15:48:27 ----A---- C:\Windows\system32\wuaext.dll
2015-04-15 15:48:27 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 15:48:27 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 15:48:27 ----A---- C:\Windows\system32\storewuauth.dll
2015-04-15 15:47:58 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 15:47:58 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 15:47:58 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 15:47:58 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 15:47:58 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 15:47:58 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 15:47:58 ----A---- C:\Windows\system32\acmigration.dll
2015-04-14 06:42:33 ----A---- C:\Windows\system32\drivers\vwifimp.sys
2015-04-14 06:42:32 ----A---- C:\Windows\system32\drivers\vwififlt.sys
2015-04-10 17:09:29 ----D---- C:\Users\Dana\AppData\Roaming\EleFun Games
2015-04-09 16:06:24 ----D---- C:\Users\Dana\AppData\Roaming\Elephant Games

======List of files/folders modified in the last 1 month======

2015-05-07 16:26:39 ----D---- C:\Users\Dana\AppData\Roaming\Aegisub
2015-05-07 16:26:30 ----AD---- C:\Windows\Temp
2015-05-07 16:26:29 ----RD---- C:\Program Files
2015-05-07 16:25:15 ----D---- C:\Users\Dana\AppData\Roaming\uTorrent
2015-05-07 16:00:00 ----D---- C:\Windows\system32\sru
2015-05-07 15:28:28 ----HD---- C:\Program Files\WindowsApps
2015-05-07 05:30:13 ----D---- C:\Windows\Microsoft.NET
2015-05-06 13:21:46 ----D---- C:\Windows\system32\config
2015-05-05 16:31:32 ----D---- C:\Windows\SoftwareDistribution
2015-05-05 16:31:32 ----AD---- C:\Windows
2015-05-05 13:40:47 ----D---- C:\Windows\AppReadiness
2015-05-04 13:58:06 ----RD---- C:\Program Files (x86)
2015-05-04 13:57:27 ----HD---- C:\ProgramData
2015-05-04 13:49:47 ----SHD---- C:\System Volume Information
2015-05-04 13:37:16 ----D---- C:\Windows\Inf
2015-05-03 17:33:59 ----RD---- C:\Windows\System32
2015-05-03 17:33:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-03 06:36:07 ----D---- C:\Users\Dana\AppData\Roaming\Eipix
2015-04-30 07:18:50 ----D---- C:\Windows\debug
2015-04-24 06:19:59 ----D---- C:\Program Files (x86)\WildTangent Games
2015-04-19 13:08:32 ----D---- C:\Windows\Prefetch
2015-04-18 12:38:57 ----D---- C:\Windows\system32\DriverStore
2015-04-18 11:16:27 ----D---- C:\Windows\WinSxS
2015-04-18 11:15:14 ----D---- C:\Windows\system32\catroot2
2015-04-17 07:19:20 ----D---- C:\Windows\CbsTemp
2015-04-17 07:19:18 ----D---- C:\Windows\SysWOW64
2015-04-16 11:12:00 ----D---- C:\Windows\system32\drivers
2015-04-16 11:12:00 ----D---- C:\Windows\system32\catroot
2015-04-16 11:11:40 ----RD---- C:\Windows\assembly
2015-04-16 11:11:17 ----D---- C:\Program Files (x86)\McAfee
2015-04-16 06:34:44 ----D---- C:\Windows\rescache
2015-04-16 06:32:40 ----D---- C:\Windows\AppCompat
2015-04-15 21:51:14 ----D---- C:\Windows\system32\sk-SK
2015-04-15 21:51:14 ----D---- C:\Windows\system32\hu-HU
2015-04-15 21:51:14 ----D---- C:\Windows\system32\en-US
2015-04-15 21:51:14 ----D---- C:\Windows\system32\en-GB
2015-04-15 21:51:14 ----D---- C:\Windows\system32\cs-CZ
2015-04-15 21:51:14 ----D---- C:\Windows\apppatch
2015-04-15 21:51:13 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-04-15 21:51:13 ----D---- C:\Windows\SYSWOW64\hu-HU
2015-04-15 21:51:13 ----D---- C:\Windows\SYSWOW64\en-GB
2015-04-15 21:51:13 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-15 21:51:13 ----D---- C:\Program Files\Internet Explorer
2015-04-15 17:04:54 ----D---- C:\Windows\system32\MRT
2015-04-15 17:03:28 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 17:02:09 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 17:02:09 ----D---- C:\Windows\system32\appraiser
2015-04-14 11:40:11 ----D---- C:\Windows\system32\wdi
2015-04-14 01:24:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTATH_BUS;@oem16.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2014-02-25 35016]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-09 644968]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2014-10-01 786304]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2014-10-01 348560]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2014-03-27 17152]
R3 AthBTPort;@oem19.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2014-02-25 89800]
R3 athr;@oem4.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2014-03-07 3892224]
R3 ATP;@oem14.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\Windows\System32\drivers\AsusTP.sys [2014-03-31 71952]
R3 BTATH_A2DP;@oem18.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2014-02-25 355528]
R3 btath_avdt;@oem18.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2014-02-25 118984]
R3 BTATH_HCRP;@oem21.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2014-02-25 179432]
R3 BTATH_LWFLT;@oem23.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2014-02-25 77464]
R3 BTATH_RCP;@oem25.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2014-02-25 137928]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-02-25 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2014-10-01 72136]
R3 DptfDevDram;DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [2013-09-11 143568]
R3 DptfDevPch;DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [2013-09-11 114680]
R3 DptfDevProc;DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [2013-09-11 287160]
R3 DptfManager;DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [2013-09-11 494272]
R3 HIDSwitch;@oem22.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-18 3729920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-22 3943384]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 kbfiltr;@oem24.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\Windows\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 MEIx64;@oem2.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-10-23 99288]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2014-10-01 181584]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2014-10-01 313680]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2014-10-01 526360]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2014-09-19 447440]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-04-09 12697032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem13.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-03-17 843480]
R3 RTSPER;@oem15.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2013-07-24 423128]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2014-10-01 70608]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2013-06-18 1146880]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 IntcDAud;@oem3.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-17 450520]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2014-09-19 96600]
S3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [2014-02-25 71680]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-26 319104]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 DptfParticipantProcessorService;@oem20.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application; C:\Windows\system32\DptfParticipantProcessorService.exe [2013-09-11 115632]
R2 DptfPolicyConfigTDPService;@oem20.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application; C:\Windows\system32\DptfPolicyConfigTDPService.exe [2013-09-11 116656]
R2 DptfPolicyCriticalService;@oem20.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application; C:\Windows\system32\DptfPolicyCriticalService.exe [2013-09-11 148688]
R2 DptfPolicyLpmService;@oem20.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application; C:\Windows\system32\DptfPolicyLpmService.exe [2013-09-11 124880]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-04-24 373312]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-18 282072]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-10-23 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-10-23 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-10-23 390616]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2015-02-27 562200]
R2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [2015-01-22 422632]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-11-06 1050952]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-10-01 221832]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2014-10-01 189920]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2014-10-31 335064]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-04-08 925128]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2015-03-14 265808]
R3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2015-02-27 601864]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 cf05acd1;ProcessMonitor; C:\Windows\syswow64\rundll32.exe [2014-10-29 51200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-10 107848]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-18 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-10 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-09-02 827392]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2013-07-29 334608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S4 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2014-10-31 335064]

-----------------EOF-----------------

[vyosek]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Magráta]

Posílám první log.
Zatím moc děkuju, DS
# AdwCleaner v4.203 - Log vytvořen 07/05/2015 v 20:33:35
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-05.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Dana - PC-OEM
# Spuštěno z : C:\Users\Dana\Downloads\adwcleaner_4.203.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Program Files (x86)\boroowsei2bUy
Složka Smazáno : C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\4952165d-e152-23b5-d777-2171793694a4
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{cf05acd1}
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v42.0.2311.135

[C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=PTV2&o=&src=crm&q={searchTerms}&locale=
[C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://searchab.com/?aff=7&uid=e32928c6-7145-11e2-be7e-0017c41afefb&q={searchTerms}
[C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd
[C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www3.iamwired.net/websearch.php?src=tops&search={SearchTerms}
[C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.crawler.com/search/dispatcher.aspx? ... tbid=60076
[C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

AdwCleaner[R0].txt - [2544 bytů] - [07/05/2015 20:31:25]
AdwCleaner[S0].txt - [2455 bytů] - [07/05/2015 20:33:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2513 bytů] ##########

[Magráta]

Log č. 2
Hezký večer, děkuju moc. Snad jsem nic nezvorala.
DS
Zoek.exe is running now.
Do not start any browser windows, they may get closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

[Magráta]

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Dana on źt 07. 05. 2015 at 20:48:32,62.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dana\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

7. 5. 2015 20:49:47 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\VideoLAN deleted successfully
C:\Users\Dana\AppData\Roaming\Elephant Games deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cf05acd1 deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\VideoLAN not found
C:\PROGRA~2\bigdeaL deleted
C:\PROGRA~2\ProcessMonitor deleted
C:\PROGRA~2\bIgdeaLL deleted
C:\PROGRA~2\Use VLC for YouTube deleted
C:\Users\Dana\AppData\Roaming\Aegisub deleted
C:\PROGRA~3\494524232423926668 deleted
C:\Users\Dana\AppData\Roaming\appdataFr3.bin deleted
C:\PROGRA~3\SetStretch.VBS deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dana\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Dana\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1250 folders=20 75304838 bytes)

==== Empty Temp Folders ======================

Možná zvorala, takže ještě tohle:
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Dana\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on źt 07. 05. 2015 at 21:00:32,17 ======================

[Magráta]

Asi jsem to přece zvorala.
Omlouvám se, díky moc, DS

[vyosek]

Je to v pohode

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

[Magráta]

Dobrý den,
mám jen jeden, vaše stránky mi zablokoval prohlížeč Chrome a bylo vymalováno.
Můžu zkusit jiný prohlížeč.
Zatím, DS

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by Dana at 2015-05-08 13:13:25
Running from C:\Users\Dana\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4108021500-744762628-861933106-500 - Administrator - Disabled)
Dana (S-1-5-21-4108021500-744762628-861933106-1001 - Administrator - Enabled) => C:\Users\Dana
Guest (S-1-5-21-4108021500-744762628-861933106-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4108021500-744762628-861933106-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus a Antispyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus a Antispyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4108021500-744762628-861933106-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Aegisub 3.2.1 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.1 - Aegisub Team)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Game Explorer Categories - casual (HKLM-x32\...\WildTangentGameProvider-asus-casual) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - enthusiast (HKLM-x32\...\WildTangentGameProvider-asus-enthusiast) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - family (HKLM-x32\...\WildTangentGameProvider-asus-family) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - kids (HKLM-x32\...\WildTangentGameProvider-asus-kids) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - touch (HKLM-x32\...\WildTangentGameProvider-asus-touch) (Version: 3.2.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
K-Lite Mega Codec Pack 10.6.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.0 - )
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1599 - McAfee, Inc.)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Myths of the World - The Heart of Desolation Collectors Edition (HKLM-x32\...\{09426681-7B5C-4488-8DA8-BE87504BAB0E}_is1) (Version: 1 - Big Fish Games)
NVIDIA Graphics Driver 333.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Potplayer (HKLM-x32\...\PotPlayer) (Version: - Daum Kakao Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Ulož.to File Manager verze 1.6 (HKLM-x32\...\{8190420D-F4BA-4744-8940-A466F81AF89C}_is1) (Version: 1.6 - Nodus Technologies s.r.o.)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.2 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4108021500-744762628-861933106-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

17-04-2015 08:44:22 McAfee Vulnerability Scanner
26-04-2015 15:16:06 Naplánovaný kontrolní bod
04-05-2015 13:49:34 Naplánovaný kontrolní bod
07-05-2015 20:49:26 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-05-07 20:49 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0510BE81-6876-4AD9-A063-23E0119AC9DA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {099037C6-6562-49EB-AD8E-B8DD035CA33F} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
Task: {0F882907-6425-4EA9-A03B-A00FB38467E1} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {119FEAE2-8A7E-4269-B24D-176D66D4CD2B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor)
Task: {1B19686E-20F2-4421-8B81-99397D272F0B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {1CD5E034-C6A5-4036-991B-6DD2454D854E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-10] (Google Inc.)
Task: {2260735B-8B97-448A-A7FA-18E94B7C94DA} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2015-05-07] ()
Task: {23F5AF14-FD97-4AA4-A5C9-8C1A6F1C0D40} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2014-03-11] ()
Task: {2568E730-7817-4307-8F43-0860274DB15A} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {400E541F-44D8-4383-9FB4-566FA7305DF0} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {6BD174DA-92D2-4D69-ACEC-454203211901} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-10] (Google Inc.)
Task: {75A20040-1589-4582-8FA5-D72750154094} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2015-05-07] ()
Task: {7632FC36-2B96-40BE-97CB-CFEC11B3F36D} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {AB3F7825-4055-4B18-A796-70B6322EB9C0} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {CBD55618-C47C-4913-A5E9-2D575B70CD93} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor)
Task: {D6019B6E-E047-4FF3-BF02-B7AAAD939687} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-14 23:06 - 2014-04-08 23:06 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-26 00:14 - 2014-02-26 00:14 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 00:11 - 2014-02-26 00:11 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 00:17 - 2014-02-26 00:17 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-02-19 23:40 - 2015-02-19 23:40 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-05-15 19:23 - 2014-05-15 19:23 - 00551440 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.315_x64__8wekyb3d8bbwe\SqliteWrapper.dll
2014-05-15 19:23 - 2014-05-15 19:23 - 00660920 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.315_x64__8wekyb3d8bbwe\Sqlite3.dll
2015-03-16 18:39 - 2015-03-16 18:39 - 00028160 _____ () C:\Users\Dana\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\10ead687afca927bd7b22ad8d20e1de3\Microsoft.PerfTrack.ni.dll
2015-03-14 10:22 - 2015-03-14 10:22 - 00363520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\6382e6f5ad8b7a9db4f5cd4817e70319\Windows.Foundation.ni.dll
2015-03-14 10:22 - 2015-03-14 10:22 - 01278464 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\f9ac074d298db459c5eff6d3256861c8\Windows.Storage.ni.dll
2015-03-14 10:22 - 2015-03-14 10:22 - 01459712 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\4bd80968bf666252841ca7792faaff11\Windows.UI.ni.dll
2015-05-07 15:27 - 2015-05-07 15:27 - 00280064 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.315_x64__8wekyb3d8bbwe\Microsoft.Bing.AppEx.Telemetry.winmd
2015-03-09 20:20 - 2015-03-09 20:20 - 00347136 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\94e2bc13589233f9d2cc54292717b8cf\Windows.Globalization.ni.dll
2015-03-14 10:22 - 2015-03-14 10:22 - 01782784 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\3f4dc590466037f015f65bc07d1ea923\Windows.ApplicationModel.ni.dll
2015-03-14 10:22 - 2015-03-14 10:22 - 00632320 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Security\c7f6d022c5d5aec4891cb6b3b9934336\Windows.Security.ni.dll
2015-03-14 10:22 - 2015-03-14 10:22 - 00207872 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.System\a4efa88b742703220e527956d8ab4e84\Windows.System.ni.dll
2015-03-14 10:22 - 2015-03-14 10:22 - 01259520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Networking\8f0dd293f95c402613c49fb2fac85bdd\Windows.Networking.ni.dll
2015-03-16 18:39 - 2015-03-16 18:39 - 00117248 _____ () C:\Users\Dana\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\SqliteWrapper\99fa190c50aa9d06da5fb90ed0d8b8f7\SqliteWrapper.ni.dll
2015-03-14 10:22 - 2015-03-14 10:22 - 01383936 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Web\b9985906d4d9f96e8c8047c4657a1388\Windows.Web.ni.dll
2015-03-09 20:21 - 2015-03-09 20:21 - 00467456 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\ea818a24554fc2db9a73de1e79afb286\Windows.Graphics.ni.dll
2015-03-09 20:21 - 2015-03-09 20:21 - 02019840 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Devices\0b4b3f23bdebd1d056b32b31e2f746bb\Windows.Devices.ni.dll
2015-03-15 09:02 - 2015-03-15 09:02 - 00521216 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\fae2b750f87849ca11806d20b2504bf2\Windows.Data.ni.dll
2014-02-24 12:59 - 2014-02-24 12:59 - 00109056 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSHomeCloudAPI.dll
2012-03-08 04:27 - 2012-03-08 04:27 - 00016384 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ACVsWin.dll
2015-03-10 17:01 - 2014-09-14 10:52 - 17059840 _____ () C:\Program Files (x86)\Aegisub\aegisub32.exe
2014-11-14 23:01 - 2013-10-23 15:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-02 16:46 - 2014-04-02 16:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2015-03-10 17:01 - 2014-09-14 10:46 - 06863360 _____ () C:\Program Files (x86)\Aegisub\ffms2_32.dll
2015-05-01 07:26 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-05-01 07:26 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-05-01 07:26 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Dana\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4108021500-744762628-861933106-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dana\Pictures\China-Vacation 1.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C5CDA908-20B6-40A6-B674-18C188E30A78}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3F8BB5DD-1215-48F5-8CE9-84902C368607}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{615DDA4B-8C36-4192-B715-ECF5C7D1A9BC}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{D6E0512D-CEAA-47B1-8584-A1413CADB201}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{8472F45E-84B6-44B5-815F-100C9BCB3575}] => (Allow) C:\Program Files (x86)\DAUM\PotPlayer\PotPlayerMini.exe
FirewallRules: [{4E354643-44DE-4716-8F08-DED22A0DC5DB}] => (Allow) C:\Users\Dana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9B8FB8FB-FA5E-4087-91CD-1242267EA954}] => (Allow) C:\Users\Dana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4604D287-5F56-4DDC-ABBE-8D33C2BE5959}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/08/2015 08:46:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.3.9600.17667, časové razítko: 0x54c6f7c2
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.17736, časové razítko: 0x550f4336
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000082158
ID chybujícího procesu: 0x12fc
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3
Úplný název chybujícího balíčku: Explorer.EXE4
ID aplikace související s chybujícím balíčkem: Explorer.EXE5

Error: (05/07/2015 08:48:47 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34014 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 3364. ID zprávy: [0x2509].

Error: (05/07/2015 08:45:19 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34014 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 4500. ID zprávy: [0x2509].

Error: (05/07/2015 08:45:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: SearchFilterHost.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
Zásobník:
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertyHandler.LoadProperty(IcarosPropertyHandler.PropertyMap)
na IcarosPropertyHandler.PropertyHandler.LoadProperties()
na IcarosPropertyHandler.PropertyHandler.IcarosPropertyHandler.IInitializeWithStream.Initialize(System.Runtime.InteropServices.ComTypes.IStream, IcarosPropertyHandler.AccessModes)

Error: (05/07/2015 08:45:12 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34014 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 3776. ID zprávy: [0x2509].

Error: (05/07/2015 08:45:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: SearchFilterHost.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
Zásobník:
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertyHandler.LoadProperty(IcarosPropertyHandler.PropertyMap)
na IcarosPropertyHandler.PropertyHandler.LoadProperties()
na IcarosPropertyHandler.PropertyHandler.IcarosPropertyHandler.IInitializeWithStream.Initialize(System.Runtime.InteropServices.ComTypes.IStream, IcarosPropertyHandler.AccessModes)

Error: (05/07/2015 08:45:11 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34014 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 2840. ID zprávy: [0x2509].

Error: (05/07/2015 08:45:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: SearchFilterHost.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
Zásobník:
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertyHandler.LoadProperty(IcarosPropertyHandler.PropertyMap)
na IcarosPropertyHandler.PropertyHandler.LoadProperties()
na IcarosPropertyHandler.PropertyHandler.IcarosPropertyHandler.IInitializeWithStream.Initialize(System.Runtime.InteropServices.ComTypes.IStream, IcarosPropertyHandler.AccessModes)

Error: (05/07/2015 08:45:10 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34014 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 5540. ID zprávy: [0x2509].

Error: (05/07/2015 08:45:08 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: SearchFilterHost.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
Zásobník:
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertyHandler.LoadProperty(IcarosPropertyHandler.PropertyMap)
na IcarosPropertyHandler.PropertyHandler.LoadProperties()
na IcarosPropertyHandler.PropertyHandler.IcarosPropertyHandler.IInitializeWithStream.Initialize(System.Runtime.InteropServices.ComTypes.IStream, IcarosPropertyHandler.AccessModes)


System errors:
=============
Error: (05/07/2015 08:57:01 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 08:57:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 08:57:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 08:57:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 08:56:59 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 08:56:59 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 08:56:59 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 08:56:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 08:56:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 08:56:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Microsoft Office Sessions:
=========================
Error: (05/08/2015 08:46:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2ntdll.dll6.3.9600.17736550f4336c0000409000000000008215812fc01d0894a92f75bddC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dlle78d6543-f54d-11e4-8270-40e230581198

Error: (05/07/2015 08:48:47 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34014 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 3364. ID zprávy: [0x2509].

Error: (05/07/2015 08:45:19 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34014 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 4500. ID zprávy: [0x2509].

Error: (05/07/2015 08:45:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: SearchFilterHost.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
Zásobník:
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertyHandler.LoadProperty(IcarosPropertyHandler.PropertyMap)
na IcarosPropertyHandler.PropertyHandler.LoadProperties()
na IcarosPropertyHandler.PropertyHandler.IcarosPropertyHandler.IInitializeWithStream.Initialize(System.Runtime.InteropServices.ComTypes.IStream, IcarosPropertyHandler.AccessModes)

Error: (05/07/2015 08:45:12 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34014 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 3776. ID zprávy: [0x2509].

Error: (05/07/2015 08:45:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: SearchFilterHost.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
Zásobník:
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertyHandler.LoadProperty(IcarosPropertyHandler.PropertyMap)
na IcarosPropertyHandler.PropertyHandler.LoadProperties()
na IcarosPropertyHandler.PropertyHandler.IcarosPropertyHandler.IInitializeWithStream.Initialize(System.Runtime.InteropServices.ComTypes.IStream, IcarosPropertyHandler.AccessModes)

Error: (05/07/2015 08:45:11 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34014 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 2840. ID zprávy: [0x2509].

Error: (05/07/2015 08:45:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: SearchFilterHost.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
Zásobník:
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertyHandler.LoadProperty(IcarosPropertyHandler.PropertyMap)
na IcarosPropertyHandler.PropertyHandler.LoadProperties()
na IcarosPropertyHandler.PropertyHandler.IcarosPropertyHandler.IInitializeWithStream.Initialize(System.Runtime.InteropServices.ComTypes.IStream, IcarosPropertyHandler.AccessModes)

Error: (05/07/2015 08:45:10 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34014 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 5540. ID zprávy: [0x2509].

Error: (05/07/2015 08:45:08 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: SearchFilterHost.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
Zásobník:
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertySystemNativeMethods.PSCoerceToCanonicalValue(IcarosPropertyHandler.PropertyKey ByRef, IcarosPropertyHandler.PropVariant)
na IcarosPropertyHandler.PropertyHandler.LoadProperty(IcarosPropertyHandler.PropertyMap)
na IcarosPropertyHandler.PropertyHandler.LoadProperties()
na IcarosPropertyHandler.PropertyHandler.IcarosPropertyHandler.IInitializeWithStream.Initialize(System.Runtime.InteropServices.ComTypes.IStream, IcarosPropertyHandler.AccessModes)


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 43%
Total physical RAM: 8075.17 MB
Available physical RAM: 4544.35 MB
Total Pagefile: 9355.17 MB
Available Pagefile: 5503.61 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:745.21 GB) (Free:665.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:1096.7 GB) (Free:920.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 97B8801C)

Partition: GPT Partition Type.

==================== End Of Log ============================

[vyosek]

Jeste poprosim o log s nazvem FRST.txt

[Magráta]

Zase já.
Explorer byl povolnější, ale stažení zablokoval McAfee a nedá jinak i přes vypnutý firewall. Mám tenhle ntb krátce a jsou tu programy, na které si teprve zvykám,
takže teď nevím, co dál.
DS

[Magráta]

V souborech se mi našlo tohle, mohlo by to být ono?

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Dana (administrator) on PC-OEM on 08-05-2015 13:12:32
Running from C:\Users\Dana\Downloads
Loaded Profiles: Dana (Available profiles: Dana)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.3.374.0\McCSPServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(BitTorrent Inc.) C:\Users\Dana\AppData\Roaming\uTorrent\uTorrent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\Core\mchost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
() C:\Program Files (x86)\Aegisub\aegisub32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-09-11] (Intel Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [643064 2015-02-09] (McAfee, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4108021500-744762628-861933106-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-4108021500-744762628-861933106-1001\...\Run: [uTorrent] => C:\Users\Dana\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-06] (BitTorrent Inc.)
HKU\S-1-5-21-4108021500-744762628-861933106-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [589312 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4108021500-744762628-861933106-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4108021500-744762628-861933106-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4108021500-744762628-861933106-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-02-27] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-02-27] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-10] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2015-03-14] ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-11-14]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=16805
CHR StartupUrls: Default -> "hxxp://google.com/", "hxxp://www.google.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-10]
CHR Extension: (Google Docs) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-10]
CHR Extension: (Google Drive) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-10]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-03-10]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-03-10]
CHR Extension: (YouTube) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-10]
CHR Extension: (Google Search) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-10]
CHR Extension: (Google Sheets) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-10]
CHR Extension: (Bookmark Manager) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Cosmopolise) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipihgjdhjoldhpfpmiiimpnmohpfhkcm [2015-03-10]
CHR Extension: (Use VLC for YouTube) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhhflamheoandbibgflojkjccnenjbda [2015-05-04]
CHR Extension: (Google Wallet) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-10]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-03-10]
CHR Extension: (Gmail) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-09-11] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-09-11] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-09-11] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-09-11] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-24] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-02-27] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [422632 2015-01-22] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2015-02-27] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [143568 2013-09-11] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-09-11] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-09-11] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-09-11] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-08 13:12 - 2015-05-08 13:13 - 00020564 _____ () C:\Users\Dana\Downloads\FRST.txt
2015-05-08 13:12 - 2015-05-08 13:12 - 00112640 _____ () C:\Users\Dana\Downloads\Nepotvrzeno 556162.crdownload
2015-05-08 13:11 - 2015-05-08 13:11 - 00112640 _____ () C:\Users\Dana\Downloads\Nepotvrzeno 477651.crdownload
2015-05-08 13:08 - 2015-05-08 13:12 - 00000000 ____D () C:\FRST
2015-05-08 13:07 - 2015-05-08 13:07 - 02102272 _____ (Farbar) C:\Users\Dana\Downloads\FRST64.exe
2015-05-08 11:27 - 2015-05-08 11:27 - 00089384 _____ () C:\Users\Dana\Desktop\Date ep01 (848x480 x264) cz.ass
2015-05-08 11:13 - 2015-05-08 11:13 - 00092384 _____ () C:\Users\Dana\Desktop\Date 1.txt
2015-05-08 10:21 - 2015-03-28 00:41 - 00089425 _____ () C:\Users\Dana\Desktop\Date ep01 (848x480 x264).ass
2015-05-08 10:20 - 2015-05-08 10:20 - 00023973 _____ () C:\Users\Dana\Desktop\Neko Zamurai 2 Ep03 cz.ass
2015-05-08 06:52 - 2015-05-08 11:27 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Aegisub
2015-05-08 06:52 - 2015-05-08 06:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-05-07 20:58 - 2015-05-07 20:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-07 20:49 - 2015-05-07 21:00 - 00004383 _____ () C:\zoek-results.log
2015-05-07 20:48 - 2015-05-07 20:57 - 00000000 ____D () C:\zoek_backup
2015-05-07 20:48 - 2003-02-02 06:00 - 01308672 _____ () C:\Users\Dana\Desktop\zoek.exe
2015-05-07 20:47 - 2015-05-08 07:10 - 01300146 _____ () C:\Users\Dana\Downloads\zoek.zip
2015-05-07 20:31 - 2015-05-08 07:31 - 00067072 ___SH () C:\Users\Dana\Downloads\Thumbs.db
2015-05-07 20:31 - 2015-05-07 20:33 - 00000000 ____D () C:\AdwCleaner
2015-05-07 20:30 - 2015-05-07 20:30 - 02204160 _____ () C:\Users\Dana\Downloads\adwcleaner_4.203.exe
2015-05-07 16:26 - 2015-05-07 16:26 - 01222144 _____ () C:\Users\Dana\Downloads\RSITx64.exe
2015-05-07 16:26 - 2015-05-07 16:26 - 00000000 ____D () C:\rsit
2015-05-07 16:26 - 2015-05-07 16:26 - 00000000 ____D () C:\Program Files\trend micro
2015-05-05 16:31 - 2015-05-08 09:44 - 00941594 _____ () C:\Windows\WindowsUpdate.log
2015-05-04 16:39 - 2015-05-03 00:33 - 00029482 _____ () C:\Users\Dana\Desktop\Neko Zamurai 2 Ep03 (848x480 x264).ass
2015-05-04 15:25 - 2015-05-04 15:27 - 181810686 ____R () C:\Users\Dana\Downloads\Neko.Zamurai.S02.EP03.480p.x264.AAC.mp4
2015-05-04 05:33 - 2015-05-07 20:57 - 00000020 _____ () C:\Users\Dana\AppData\Roaming\appdataFr3.bin
2015-05-04 05:33 - 2015-05-04 05:33 - 00000000 ____D () C:\ProgramData\gifton
2015-05-02 08:52 - 2015-05-02 08:52 - 00001747 _____ () C:\Users\Public\Desktop\Myths of the World - The Heart of Desolation Collectors Edition.lnk
2015-05-02 08:52 - 2015-05-02 08:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Myths of the World - The Heart of Desolation Collectors Edition
2015-05-02 08:50 - 2015-05-02 08:52 - 00000000 ____D () C:\Program Files (x86)\Myths of the World - The Heart of Desolation Collectors Edition
2015-05-01 11:26 - 2015-05-01 11:26 - 00025343 _____ () C:\Users\Dana\Desktop\Neko Zamurai 2 Ep02 cz.ass
2015-04-30 16:16 - 2015-04-30 16:16 - 00000000 ____D () C:\Users\Dana\Downloads\Myths of the World - The Heart of Desolation Collectors Edition
2015-04-30 15:41 - 2015-05-07 16:42 - 00000193 _____ () C:\Users\Dana\Desktop\NZ 2 ul.txt
2015-04-30 08:25 - 2015-04-30 08:25 - 00023234 _____ () C:\Users\Dana\Desktop\Neko Zamurai 2 Ep01 cz.ass
2015-04-19 13:00 - 2015-04-30 16:39 - 00000000 ____D () C:\Users\Dana\Downloads\FT
2015-04-16 11:12 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-04-15 15:51 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 15:51 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 15:51 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-15 15:51 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 15:51 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-15 15:51 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 15:51 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 15:51 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 15:51 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-15 15:51 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-15 15:51 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 15:51 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-15 15:51 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-15 15:51 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-15 15:50 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 15:50 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-15 15:50 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-15 15:49 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 15:49 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 15:49 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 15:49 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 15:49 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 15:49 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 15:49 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 15:49 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 15:49 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 15:49 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-15 15:49 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 15:49 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 15:49 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 15:49 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 15:49 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-15 15:49 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 15:49 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 15:49 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 15:49 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 15:49 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 15:49 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 15:49 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 15:49 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 15:49 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 15:49 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 15:48 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 15:48 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 15:48 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 15:48 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 15:48 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 15:48 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 15:48 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 15:48 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 15:48 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 15:48 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-15 15:48 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 15:48 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 15:48 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 15:48 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 15:48 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 15:48 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 15:48 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 15:48 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 15:48 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-15 15:48 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 15:48 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 15:48 - 2014-10-18 08:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-04-15 15:47 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 15:47 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 15:47 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 15:47 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 15:47 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 15:47 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 15:47 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 06:42 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2015-04-14 06:42 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2015-04-11 14:53 - 2015-04-11 14:53 - 00000000 ___RD () C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Domácí skupina – zástupce
2015-04-10 17:09 - 2015-04-10 17:09 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\EleFun Games

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-08 13:10 - 2015-03-10 18:40 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\uTorrent
2015-05-08 13:03 - 2015-03-10 02:12 - 00000093 _____ () C:\Users\Dana\AppData\Roaming\sp_data.sys
2015-05-08 13:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-08 11:22 - 2015-03-10 02:17 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-08 08:52 - 2015-03-10 02:16 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4108021500-744762628-861933106-1001
2015-05-08 07:10 - 2015-03-10 02:14 - 00000000 ___DO () C:\Users\Dana\OneDrive
2015-05-08 06:53 - 2015-03-10 02:15 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F68B83EB-1E1B-4998-A038-539872A53EFD}
2015-05-08 06:51 - 2015-03-10 02:17 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-07 20:59 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-07 20:59 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-05-07 20:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-04 05:27 - 2015-03-10 02:10 - 00000000 ____D () C:\Users\Dana\AppData\Local\Packages
2015-05-04 05:19 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-03 17:33 - 2014-05-16 03:24 - 00749988 _____ () C:\Windows\system32\perfh00E.dat
2015-05-03 17:33 - 2014-05-16 03:24 - 00180594 _____ () C:\Windows\system32\perfc00E.dat
2015-05-03 17:33 - 2014-05-16 03:14 - 00747350 _____ () C:\Windows\system32\perfh005.dat
2015-05-03 17:33 - 2014-05-16 03:14 - 00154554 _____ () C:\Windows\system32\perfc005.dat
2015-05-03 17:33 - 2014-03-18 17:26 - 02666374 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-03 06:36 - 2015-03-13 12:59 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Eipix
2015-05-01 07:26 - 2015-03-10 02:18 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-30 07:18 - 2015-03-10 16:46 - 00000000 ____D () C:\Users\Dana\AppData\Local\CrashDumps
2015-04-24 06:20 - 2014-05-15 19:15 - 00002460 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk
2015-04-24 06:20 - 2014-05-15 19:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-24 06:19 - 2014-05-15 19:15 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-04-17 07:19 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-16 11:11 - 2014-11-14 23:20 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-04-16 06:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-04-16 06:32 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 21:51 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-04-15 21:51 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-04-15 21:51 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-04-15 21:51 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-04-15 17:04 - 2015-03-09 21:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 17:03 - 2015-03-09 21:09 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 17:02 - 2015-03-10 22:09 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 17:02 - 2015-03-10 22:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-14 01:24 - 2015-03-11 14:19 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2015-03-11 14:19 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-11 07:59 - 2015-03-10 02:07 - 00000000 ____D () C:\Users\Dana

==================== Files in the root of some directories =======

2015-05-04 05:33 - 2015-05-07 20:57 - 0000020 _____ () C:\Users\Dana\AppData\Roaming\appdataFr3.bin
2015-03-10 02:12 - 2015-05-08 13:03 - 0000093 _____ () C:\Users\Dana\AppData\Roaming\sp_data.sys
2014-11-14 23:08 - 2014-11-14 23:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-05-15 19:14 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-05-15 19:14 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-29 17:45

==================== End Of Log ============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM\...\Policies\Explorer: [NoFolderOptions] 0
  HKLM\...\Policies\Explorer: [NoControlPanel] 0
  HKU\S-1-5-21-4108021500-744762628-861933106-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
  HKU\S-1-5-21-4108021500-744762628-861933106-1001\...\Run: [uTorrent] => C:\Users\Dana\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-06] (BitTorrent Inc.)
  HKU\S-1-5-21-4108021500-744762628-861933106-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [589312 2014-10-29] (Microsoft Corporation)
  CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  
  HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
  HKU\S-1-5-21-4108021500-744762628-861933106-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  HKU\S-1-5-21-4108021500-744762628-861933106-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  
  CHR dev: Chrome dev build detected! <======= ATTENTION
  CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=16805
  CHR Extension: (Use VLC for YouTube) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhhflamheoandbibgflojkjccnenjbda [2015-05-04]
  
  2015-05-08 13:12 - 2015-05-08 13:13 - 00020564 _____ () C:\Users\Dana\Downloads\FRST.txt
  2015-05-08 13:12 - 2015-05-08 13:12 - 00112640 _____ () C:\Users\Dana\Downloads\Nepotvrzeno 556162.crdownload
  2015-05-08 13:11 - 2015-05-08 13:11 - 00112640 _____ () C:\Users\Dana\Downloads\Nepotvrzeno 477651.crdownload
  2015-05-07 20:58 - 2015-05-07 20:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2015-05-07 20:49 - 2015-05-07 21:00 - 00004383 _____ () C:\zoek-results.log
  2015-05-07 20:48 - 2015-05-07 20:57 - 00000000 ____D () C:\zoek_backup
  2015-05-07 20:48 - 2003-02-02 06:00 - 01308672 _____ () C:\Users\Dana\Desktop\zoek.exe
  2015-05-07 20:47 - 2015-05-08 07:10 - 01300146 _____ () C:\Users\Dana\Downloads\zoek.zip
  2015-05-07 20:31 - 2015-05-08 07:31 - 00067072 ___SH () C:\Users\Dana\Downloads\Thumbs.db
  2015-05-07 20:31 - 2015-05-07 20:33 - 00000000 ____D () C:\AdwCleaner
  2015-05-07 20:30 - 2015-05-07 20:30 - 02204160 _____ () C:\Users\Dana\Downloads\adwcleaner_4.203.exe
  2015-05-07 16:26 - 2015-05-07 16:26 - 01222144 _____ () C:\Users\Dana\Downloads\RSITx64.exe
  2015-05-07 16:26 - 2015-05-07 16:26 - 00000000 ____D () C:\rsit
  2015-05-07 16:26 - 2015-05-07 16:26 - 00000000 ____D () C:\Program Files\trend micro
  
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[Magráta]

Dobrý den,
posílám, co vylezlo, když jsem pc ukecala ke spuštění programu.
Zdravím a děkuji za trpělivost.
DS
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by Dana at 2015-05-09 13:25:28 Run:1
Running from C:\Users\Dana\Desktop
Loaded Profiles: Dana (Available profiles: Dana)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4108021500-744762628-861933106-1001\...\Run: CCLEANER Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] PIRIFORM Ltd)
HKU\S-1-5-21-4108021500-744762628-861933106-1001\...\Run: [uTorrent] => C:\Users\Dana\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-06] (BitTorrent Inc.)
HKU\S-1-5-21-4108021500-744762628-861933106-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [589312 2014-10-29] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4108021500-744762628-861933106-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4108021500-744762628-861933106-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=16805
CHR Extension: (Use VLC for YouTube) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhhflamheoandbibgflojkjccnenjbda [2015-05-04]

2015-05-08 13:12 - 2015-05-08 13:13 - 00020564 _____ () C:\Users\Dana\Downloads\FRST.txt
2015-05-08 13:12 - 2015-05-08 13:12 - 00112640 _____ () C:\Users\Dana\Downloads\Nepotvrzeno 556162.crdownload
2015-05-08 13:11 - 2015-05-08 13:11 - 00112640 _____ () C:\Users\Dana\Downloads\Nepotvrzeno 477651.crdownload
2015-05-07 20:58 - 2015-05-07 20:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-07 20:49 - 2015-05-07 21:00 - 00004383 _____ () C:\zoek-results.log
2015-05-07 20:48 - 2015-05-07 20:57 - 00000000 ____D () C:\zoek_backup
2015-05-07 20:48 - 2003-02-02 06:00 - 01308672 _____ () C:\Users\Dana\Desktop\zoek.exe
2015-05-07 20:47 - 2015-05-08 07:10 - 01300146 _____ () C:\Users\Dana\Downloads\zoek.zip
2015-05-07 20:31 - 2015-05-08 07:31 - 00067072 ___SH () C:\Users\Dana\Downloads\Thumbs.db
2015-05-07 20:31 - 2015-05-07 20:33 - 00000000 ____D () C:\AdwCleaner
2015-05-07 20:30 - 2015-05-07 20:30 - 02204160 _____ () C:\Users\Dana\Downloads\adwcleaner_4.203.exe
2015-05-07 16:26 - 2015-05-07 16:26 - 01222144 _____ () C:\Users\Dana\Downloads\RSITx64.exe
2015-05-07 16:26 - 2015-05-07 16:26 - 00000000 ____D () C:\rsit
2015-05-07 16:26 - 2015-05-07 16:26 - 00000000 ____D () C:\Program Files\trend micro

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-21-4108021500-744762628-861933106-1001\Software\Microsoft\Windows\CurrentVersion\Run\\HKU\S-1-5-21-4108021500-744762628-861933106-1001\...\Run: CCLEANER Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] PIRIFORM Ltd) => Value not found.
HKU\S-1-5-21-4108021500-744762628-861933106-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKU\S-1-5-21-4108021500-744762628-861933106-1001\Control Panel\Desktop\\SCRNSAVE.EXE => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-4108021500-744762628-861933106-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-4108021500-744762628-861933106-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
Chrome HomePage deleted successfully.
C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhhflamheoandbibgflojkjccnenjbda => Moved successfully.
C:\Users\Dana\Downloads\FRST.txt => Moved successfully.
"C:\Users\Dana\Downloads\Nepotvrzeno 556162.crdownload" => File/Directory not found.
"C:\Users\Dana\Downloads\Nepotvrzeno 477651.crdownload" => File/Directory not found.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Dana\Desktop\zoek.exe => Moved successfully.
C:\Users\Dana\Downloads\zoek.zip => Moved successfully.
C:\Users\Dana\Downloads\Thumbs.db => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Dana\Downloads\adwcleaner_4.203.exe => Moved successfully.
C:\Users\Dana\Downloads\RSITx64.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 167.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog 13:25:57 ====

[vyosek]

Zdravim a pekne sobotni odpoledne preji


FRST udelal co mel, jak se nyni chova PC, jsou nejake problemy???

[Magráta]

Děkuji, zatím se zdá, že už na mě ta bestie nevyskakuje.
Jsem vám nesmírně vděčná, DS