Vyskakovací reklamy a přenastavení dom. str.

Zpráva

kuba0003 · #1 Příspěvek od **kuba0003** » 26 úno 2015 14:32

Zdravím, potřeboval bych vycistit PC. Předem děkuji za pomoc.

Log FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by Krykro (administrator) on KRYKRO-PC on 26-02-2015 10:40:49
Running from C:\Users\Krykro\Desktop
Loaded Profiles: Krykro (Available profiles: UpdatusUser & Krykro)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\ChromeEnhancer\ChromeEnhancer.exe
() C:\Support\couponsupport.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIFIE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIFIE.EXE
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Users\Krykro\AppData\Roaming\SpeedTray\speedtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\System32\PnkBstrA.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\Jelbrus Secure Web\privoxy.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files\ChromeEnhancer\ChromeEnhancerMonitor32.exe
() C:\Program Files (x86)\Dolphin Deals\updateDolphinDeals.exe
() C:\Program Files (x86)\Dolphin Deals\bin\utilDolphinDeals.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files (x86)\Dolphin Deals\bin\DolphinDeals.PurBrowse64.exe
() C:\Program Files (x86)\Dolphin Deals\bin\DolphinDeals.expext.exe
() C:\Program Files (x86)\Dolphin Deals\bin\DolphinDeals.BOASHelper.exe
() C:\Program Files (x86)\Dolphin Deals\bin\DolphinDeals.BrowserAdapter.exe
() C:\Program Files (x86)\Dolphin Deals\bin\DolphinDeals.BrowserAdapter64.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Dolphin Deals\bin\DolphinDeals.BOASPRT.exe
() C:\Program Files (x86)\Dolphin Deals\bin\DolphinDeals.BOAS.exe
() C:\Program Files (x86)\Dolphin Deals\bin\DolphinDeals.BOASPRT.exe
() C:\Program Files (x86)\Dolphin Deals\bin\DolphinDeals.BOAS.exe
() C:\Program Files (x86)\Dolphin Deals\bin\DolphinDeals.BOASPRT.exe
() C:\Program Files (x86)\Dolphin Deals\bin\DolphinDeals.BOAS.exe
(forum.viry.cz) C:\Users\Krykro\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6968904 2013-01-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-06] (Intel Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe [1023104 2012-12-27] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe [801920 2012-12-27] (Atheros Commnucations)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1209329574-1280058198-2886538683-1001\...\Run: [EPSON8E7779] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE [223232 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1209329574-1280058198-2886538683-1001\...\Run: [EPSON8E7779 (kopie 1)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE [223232 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1209329574-1280058198-2886538683-1001\...\Run: [Facebook Update] => C:\Users\Krykro\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-09] (Facebook Inc.)
HKU\S-1-5-21-1209329574-1280058198-2886538683-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-27] (Electronic Arts)
HKU\S-1-5-21-1209329574-1280058198-2886538683-1001\...\Run: [SpeedTray] => C:\Users\Krykro\AppData\Roaming\SpeedTray\speedtray.exe [725518 2014-12-25] ()
HKU\S-1-5-21-1209329574-1280058198-2886538683-1001\...\Run: [SwvUpdtr] => C:\Users\Krykro\AppData\Local\10975\Updater.exe [667648 2015-01-30] ()
AppInit_DLLs: C:\PROGRA~2\SUPPOR~1\SUPPOR~2.DLL => C:\Program Files (x86)\Supporter\Supporter_x64.dll [4365824 2014-07-31] ()
AppInit_DLLs-x32: c:\progra~2\suppor~1\suppor~1.dll => c:\Program Files (x86)\Supporter\Supporter.dll [4312064 2014-07-31] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-1209329574-1280058198-2886538683-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-1209329574-1280058198-2886538683-1001] => 127.0.0.1:8118
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 0x00
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 0x00
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... XXZ1E57NGG
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 0x00
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 0x00
HKU\S-1-5-21-1209329574-1280058198-2886538683-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 0x00
HKU\S-1-5-21-1209329574-1280058198-2886538683-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... %26SSPV%3D
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?typ ... earchTerms}
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKU\S-1-5-21-1209329574-1280058198-2886538683-1001 -> DefaultScope {114DB5FA-0AFB-BB92-A75B-F44D3CE875CD} URL = http://www.trovi.com/Results.aspx?gd=&c ... rms}&SSPV=
SearchScopes: HKU\S-1-5-21-1209329574-1280058198-2886538683-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&c ... rms}&SSPV=
SearchScopes: HKU\S-1-5-21-1209329574-1280058198-2886538683-1001 -> {114DB5FA-0AFB-BB92-A75B-F44D3CE875CD} URL = http://www.trovi.com/Results.aspx?gd=&c ... rms}&SSPV=
SearchScopes: HKU\S-1-5-21-1209329574-1280058198-2886538683-1001 -> {373ECDD1-7434-43BA-9DA4-351DA6E84EEB} URL =
SearchScopes: HKU\S-1-5-21-1209329574-1280058198-2886538683-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
BHO: DeallExprresss -> {c5d461bb-bd95-448e-a0ae-d640dc6469e1} -> C:\Program Files (x86)\DeallExprresss\7S7KmV7IG2f0nn.x64.dll ()
BHO: BBitSaaVeerr -> {f23a677c-332d-4c47-a03a-a0cb427af0b1} -> C:\Program Files (x86)\BBitSaaVeerr\qcUpnLNuZX1J4i.x64.dll ()
BHO-x32: DeallExprresss -> {c5d461bb-bd95-448e-a0ae-d640dc6469e1} -> C:\Program Files (x86)\DeallExprresss\7S7KmV7IG2f0nn.dll ()
BHO-x32: BBitSaaVeerr -> {f23a677c-332d-4c47-a03a-a0cb427af0b1} -> C:\Program Files (x86)\BBitSaaVeerr\qcUpnLNuZX1J4i.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.17.0.254 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc ... XXZ1E57NGG

FireFox:
========
FF ProfilePath: C:\Users\Krykro\AppData\Roaming\Mozilla\Firefox\Profiles\iya302zl.default
FF DefaultSearchEngine: Trovi
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1209329574-1280058198-2886538683-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Krykro\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1209329574-1280058198-2886538683-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Krykro\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1209329574-1280058198-2886538683-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Krykro\AppData\Roaming\Mozilla\Firefox\Profiles\iya302zl.default\searchplugins\trovi.xml
FF Extension: CheaapMie - C:\Users\Krykro\AppData\Roaming\Mozilla\Firefox\Profiles\iya302zl.default\Extensions\atH@SJ.net [2015-02-18]
FF Extension: ROboSavveer - C:\Users\Krykro\AppData\Roaming\Mozilla\Firefox\Profiles\iya302zl.default\Extensions\CNY@5QSMZ8.edu [2015-02-18]
FF Extension: Dolphin Deals 1.0.1 - C:\Users\Krykro\AppData\Roaming\Mozilla\Firefox\Profiles\iya302zl.default\Extensions\{702bbd8f-e6dd-42a8-a995-6b431927d55e}.xpi [2015-02-19]
FF Extension: Firefox Helper - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\fd9d3edf8021c21b72e91da89e2e8f53 [2015-02-11]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid ... 0415&SSPV=", "hxxp://istart.webssearches.com/?type=hp&ts=1406808612&from=irs&uid=ST2000DM001-1CH164_Z1E57NGGXXXXZ1E57NGG", "hxxp://search.gboxapp.com/", "hxxp://www.trovi.com/?gd=&ctid=CT3332201&octid ... 8B59&SSPV=", "hxxp://www.trovi.com/?gd=&ctid=CT3332201&octid ... 90TB_sp_ch", "hxxp://www.trovi.com/?gd=&ctid=CT3332201&octid ... FACE&SSPV=", "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid ... 5131&SSPV=", "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid ... B2CC&SSPV=", "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid ... 68EE&SSPV=", "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid ... 1DA0&SSPV=", "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid ... 8974&SSPV=", "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid ... 11TB_sp_ch", "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid ... 11TB_sp_ch", "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid ... 11TA_sp_ch", "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid ... 8454&SSPV=", "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid ... 0415&SSPV=", "hxxp://www.trovi.com/?gd=&ctid=CT3332200&octid ... 30TA_sp_ch"
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultNewTabURL: Default -> https://www.trovi.com/?gd=&ctid=CT33322 ... 1&SAT=CNTS
CHR DefaultSuggestURL: Default -> http://suggest.seccint.com/CSuggestJson ... earchTerms}
CHR Profile: C:\Users\Krykro\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Krykro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-10]
CHR Extension: (Google Docs) - C:\Users\Krykro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
CHR Extension: (Google Drive) - C:\Users\Krykro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-10]
CHR Extension: (YouTube) - C:\Users\Krykro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-10]
CHR Extension: (Google Search) - C:\Users\Krykro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-10]
CHR Extension: (MediaPlus) - C:\Users\Krykro\AppData\Local\Google\Chrome\User Data\Default\Extensions\emaamodndfmmmcjepfigalbjjjemadom [2015-02-18]
CHR Extension: (Google Sheets) - C:\Users\Krykro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-10]
CHR Extension: (Dolphin Deals) - C:\Users\Krykro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjgkbmogikjgdeocaojnaonodkkkkmk [2015-02-18]
CHR Extension: (Skype Click to Call) - C:\Users\Krykro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-02-10]
CHR Extension: (Google Wallet) - C:\Users\Krykro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-10]
CHR Extension: (Gmail) - C:\Users\Krykro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [204928 2012-12-27] (Atheros Commnucations) [File not signed]
R2 be0fb33b; c:\Program Files (x86)\Supporter\SupporterSvc.dll [174416 2014-07-31] () [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-21] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ChromeEnhancer; C:\Program Files\ChromeEnhancer\ChromeEnhancer.exe [47104 2015-01-30] () [File not signed]
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2552528 2015-01-30] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201424 2015-01-30] (Dell Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-06] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [694784 2014-07-31] (Cherished Technololgy LIMITED) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129336 2013-01-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-31] (Intel Corporation)
S2 Live Malware Protection; C:\Windows\mlwps.exe [239104 2015-02-07] (AV Security Software) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-08] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-02-06] ()
R2 PrivoxyService; C:\Program Files (x86)\Jelbrus Secure Web\privoxy.exe [443202 2015-02-07] (The Privoxy team - www.privoxy.org) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [202824 2013-01-19] (Realtek Semiconductor)
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-02-06] (Dell Inc.)
R2 Update Dolphin Deals; C:\Program Files (x86)\Dolphin Deals\updateDolphinDeals.exe [400680 2015-02-26] ()
R2 Util Dolphin Deals; C:\Program Files (x86)\Dolphin Deals\bin\utilDolphinDeals.exe [400680 2015-02-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-15] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-12-27] (Atheros) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros) [File not signed]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-01-15] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R1 {0b3befeb-e7d9-4648-a054-011aee951126}Gw64; C:\Windows\System32\drivers\{0b3befeb-e7d9-4648-a054-011aee951126}Gw64.sys [48840 2015-02-23] (StdLib)
R1 {17d7b7ef-d2d8-45f1-a2f2-2dea72852c07}Gw64; C:\Windows\System32\drivers\{17d7b7ef-d2d8-45f1-a2f2-2dea72852c07}Gw64.sys [48840 2015-02-05] (StdLib)
R1 {1bcac693-c506-4a13-8921-e885a8cb1d13}Gw64; C:\Windows\System32\drivers\{1bcac693-c506-4a13-8921-e885a8cb1d13}Gw64.sys [48840 2015-02-15] (StdLib)
R1 {2be54678-5f85-4937-975c-484112311e65}Gw64; C:\Windows\System32\drivers\{2be54678-5f85-4937-975c-484112311e65}Gw64.sys [48840 2015-02-02] (StdLib)
R1 {702bbd8f-e6dd-42a8-a995-6b431927d55e}Gw64; C:\Windows\System32\drivers\{702bbd8f-e6dd-42a8-a995-6b431927d55e}Gw64.sys [48840 2015-02-17] (StdLib)
R1 {95e63078-c8de-4514-94f6-859d098ae58c}Gw64; C:\Windows\System32\drivers\{95e63078-c8de-4514-94f6-859d098ae58c}Gw64.sys [48840 2015-02-20] (StdLib)
R1 {a1f2b2c5-146d-4683-aa34-abcb75c39377}Gw64; C:\Windows\System32\drivers\{a1f2b2c5-146d-4683-aa34-abcb75c39377}Gw64.sys [48840 2015-01-30] (StdLib)
R1 {a4443b5b-ce03-4aac-a749-803d56679b24}Gw64; C:\Windows\System32\drivers\{a4443b5b-ce03-4aac-a749-803d56679b24}Gw64.sys [48840 2015-01-29] (StdLib)
R1 {c4a7b09f-59a5-4aec-aa79-4922d6416b82}Gw64; C:\Windows\System32\drivers\{c4a7b09f-59a5-4aec-aa79-4922d6416b82}Gw64.sys [48840 2015-02-11] (StdLib)
R1 {cfcde8f5-41ca-4db2-b65e-84981eec55ca}Gw64; C:\Windows\System32\drivers\{cfcde8f5-41ca-4db2-b65e-84981eec55ca}Gw64.sys [48840 2015-02-09] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-26 10:40 - 2015-02-26 10:41 - 00030266 _____ () C:\Users\Krykro\Desktop\FRST.txt
2015-02-26 10:40 - 2015-02-26 10:40 - 00000000 ____D () C:\FRST
2015-02-26 10:39 - 2015-02-26 10:40 - 02087936 _____ (Farbar) C:\Users\Krykro\Desktop\FRST64.exe
2015-02-26 10:39 - 2015-02-26 10:39 - 00112640 _____ (forum.viry.cz) C:\Users\Krykro\Desktop\FRSTLauncher.exe
2015-02-26 10:30 - 2015-02-26 10:30 - 00000000 ___RD () C:\Users\Krykro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-02-25 23:14 - 2015-02-25 23:14 - 00000225 _____ () C:\Users\Krykro\Desktop\DayZ.url
2015-02-25 20:19 - 2015-02-25 20:19 - 00000224 _____ () C:\Users\Krykro\Desktop\Arma 2 Operation Arrowhead.url
2015-02-25 17:35 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 17:35 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 11:25 - 2015-02-25 11:25 - 00000000 ____D () C:\Users\Krykro\Documents\SH4
2015-02-25 11:01 - 2015-02-25 11:01 - 00000224 _____ () C:\Users\Krykro\Desktop\Silent Hunter Wolves of the Pacific.url
2015-02-24 08:00 - 2015-02-23 20:07 - 00048840 _____ (StdLib) C:\Windows\system32\Drivers\{0b3befeb-e7d9-4648-a054-011aee951126}Gw64.sys
2015-02-22 15:58 - 2015-02-22 15:58 - 00000000 ____D () C:\Users\Krykro\Documents\Paradox Interactive
2015-02-22 15:51 - 2015-02-22 15:51 - 00000225 _____ () C:\Users\Krykro\Desktop\Crusader Kings II.url
2015-02-21 14:24 - 2015-02-26 00:34 - 00000000 ____D () C:\Users\Krykro\AppData\Local\DayZ
2015-02-21 14:24 - 2015-02-21 14:47 - 00000000 ____D () C:\Users\Krykro\Documents\DayZ
2015-02-21 11:55 - 2015-02-21 11:55 - 00000209 _____ () C:\Users\Krykro\Desktop\Medieval II Total War Demo.url
2015-02-21 07:41 - 2015-02-20 14:31 - 00048840 _____ (StdLib) C:\Windows\system32\Drivers\{95e63078-c8de-4514-94f6-859d098ae58c}Gw64.sys
2015-02-19 16:44 - 2015-02-19 16:44 - 00000000 ____D () C:\Users\Krykro\AppData\Local\Steam
2015-02-18 19:46 - 2015-02-18 19:46 - 00000000 ____D () C:\Program Files (x86)\ROboSavveer
2015-02-18 19:46 - 2015-02-18 19:46 - 00000000 ____D () C:\Program Files (x86)\MediaPlus
2015-02-18 19:46 - 2015-02-18 19:46 - 00000000 ____D () C:\Program Files (x86)\CheaapMie
2015-02-18 19:46 - 2015-02-18 19:46 - 00000000 ____D () C:\Program Files (x86)\DeallExprresss
2015-02-18 19:46 - 2015-02-18 19:46 - 00000000 ____D () C:\Program Files (x86)\BBitSaaVeerr
2015-02-18 19:45 - 2015-02-18 19:45 - 00000000 ____D () C:\ProgramData\hmlclgoikaffpkefljmbfcmofkmnibjm
2015-02-18 19:45 - 2015-02-18 19:45 - 00000000 ____D () C:\Program Files (x86)\CheapaME
2015-02-17 18:44 - 2015-02-17 08:32 - 00048840 _____ (StdLib) C:\Windows\system32\Drivers\{702bbd8f-e6dd-42a8-a995-6b431927d55e}Gw64.sys
2015-02-15 19:50 - 2015-02-15 19:50 - 00851968 _____ () C:\Users\Krykro\AppData\Roaming\AC29.tmp.exe
2015-02-15 19:50 - 2015-02-15 19:50 - 00000000 _____ () C:\Users\Krykro\AppData\Roaming\AC29.tmp
2015-02-15 16:40 - 2015-02-15 04:31 - 00048840 _____ (StdLib) C:\Windows\system32\Drivers\{1bcac693-c506-4a13-8921-e885a8cb1d13}Gw64.sys
2015-02-14 18:08 - 2015-02-14 18:08 - 00000000 ____D () C:\Users\Krykro\AppData\Local\4A Games
2015-02-14 15:34 - 2015-02-14 15:34 - 00851968 _____ () C:\Users\Krykro\AppData\Roaming\7F83.tmp.exe
2015-02-14 15:34 - 2015-02-14 15:34 - 00000000 _____ () C:\Users\Krykro\AppData\Roaming\7F83.tmp
2015-02-14 10:54 - 2015-02-14 10:54 - 00000225 _____ () C:\Users\Krykro\Desktop\NBA 2K15.url
2015-02-14 08:54 - 2015-02-14 08:54 - 00000000 ____D () C:\Users\Krykro\Documents\4a games
2015-02-14 08:27 - 2015-02-14 08:28 - 00000224 _____ () C:\Users\Krykro\Desktop\Metro 2033.url
2015-02-13 23:32 - 2015-02-13 23:32 - 00851968 _____ () C:\Users\Krykro\AppData\Roaming\3D7C.tmp.exe
2015-02-13 23:32 - 2015-02-13 23:32 - 00000000 _____ () C:\Users\Krykro\AppData\Roaming\3D7C.tmp
2015-02-13 23:19 - 2015-02-13 23:19 - 832994967 _____ () C:\Windows\MEMORY.DMP
2015-02-13 23:19 - 2015-02-13 23:19 - 01147360 _____ () C:\Windows\Minidump\021315-24304-01.dmp
2015-02-13 23:19 - 2015-02-13 23:19 - 00000000 ____D () C:\Windows\Minidump
2015-02-12 19:18 - 2015-02-19 21:51 - 00000426 _____ () C:\Windows\Tasks\Dell SupportAssistAgent AutoUpdate.job
2015-02-12 19:18 - 2015-02-12 19:18 - 00003234 _____ () C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-02-12 19:18 - 2015-02-12 19:18 - 00000000 __HDC () C:\ProgramData\{7417E72F-E156-403E-9DFA-EB0ED1DB06F1}
2015-02-12 19:17 - 2015-02-19 21:51 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
2015-02-12 19:17 - 2015-02-12 19:17 - 00000000 ____D () C:\Program Files (x86)\Dell
2015-02-12 16:25 - 2015-02-18 19:46 - 00000000 ____D () C:\Program Files (x86)\MssCoupp
2015-02-12 16:25 - 2015-02-12 16:25 - 00000000 ____D () C:\Program Files (x86)\MMsaCooupp
2015-02-12 16:24 - 2015-02-12 16:25 - 00000000 ____D () C:\Program Files (x86)\MsuCoup
2015-02-12 16:13 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 16:13 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 16:13 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 16:13 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 21:01 - 2015-02-11 21:01 - 00000000 ____D () C:\Users\Krykro\AppData\Local\ESN
2015-02-11 20:36 - 2015-02-11 20:36 - 01533584 _____ () C:\Users\Krykro\Downloads\battlelog-web-plugins_2.6.2_157.exe
2015-02-11 20:06 - 2015-02-11 09:36 - 00048840 _____ (StdLib) C:\Windows\system32\Drivers\{c4a7b09f-59a5-4aec-aa79-4922d6416b82}Gw64.sys
2015-02-11 14:55 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 14:55 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 14:55 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 14:55 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 14:55 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 14:55 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 14:55 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 14:55 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 14:55 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:55 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:55 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:55 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:55 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:55 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:55 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:55 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:55 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:55 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:55 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:55 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:55 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:55 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:55 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:55 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:55 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:55 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:55 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:55 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:55 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:55 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:55 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:55 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:55 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:55 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:55 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:55 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:55 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:55 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:55 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:55 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:55 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:55 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:55 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:55 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:55 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:55 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:55 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:55 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:55 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:55 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:55 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:55 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:55 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:55 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:55 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:55 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:55 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:55 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:55 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:55 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:55 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:55 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:55 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:55 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:55 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:55 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:55 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:55 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:55 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:55 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:54 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:54 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:54 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:54 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:54 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:54 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:54 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:54 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:54 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:54 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:54 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:54 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:54 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:54 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:54 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:54 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:54 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:54 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:54 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:54 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:54 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:54 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:53 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:53 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:53 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:53 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:53 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:53 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:53 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:53 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:53 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 14:49 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 19:04 - 2015-02-25 14:51 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-02-10 19:04 - 2015-02-12 19:18 - 00000000 ____D () C:\Program Files\Dell
2015-02-10 19:04 - 2015-02-10 19:04 - 00004034 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-02-10 19:04 - 2015-02-10 19:04 - 00003222 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-02-10 19:04 - 2015-02-10 19:04 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-02-10 19:04 - 2015-02-10 19:04 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-02-10 18:50 - 2015-02-11 16:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-10 18:50 - 2015-02-10 18:50 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-10 18:50 - 2015-02-10 18:50 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-10 18:50 - 2015-02-10 18:50 - 00000000 ____D () C:\Users\Krykro\AppData\Roaming\Mozilla
2015-02-10 18:50 - 2015-02-10 18:50 - 00000000 ____D () C:\Users\Krykro\AppData\Local\Mozilla
2015-02-10 18:50 - 2015-02-10 18:50 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-10 18:50 - 2015-02-10 18:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-10 18:49 - 2015-02-10 18:49 - 00243576 _____ () C:\Users\Krykro\Downloads\Firefox Setup Stub 35.0.1.exe
2015-02-10 18:49 - 2015-02-10 18:49 - 00000000 ____D () C:\Users\Krykro\Documents\mozilla
2015-02-10 18:48 - 2015-02-26 10:30 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-10 18:48 - 2015-02-26 09:53 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-10 18:48 - 2015-02-10 18:48 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-10 18:48 - 2015-02-10 18:48 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-09 17:25 - 2015-02-09 17:48 - 207759363 _____ () C:\Users\Krykro\Downloads\Teorie.velkeho.tresku.S05E07.Fluktuace.dobractvi.DVDRip.XviD.CZ-EN.avi
2015-02-09 16:09 - 2015-02-09 05:33 - 00048840 _____ (StdLib) C:\Windows\system32\Drivers\{cfcde8f5-41ca-4db2-b65e-84981eec55ca}Gw64.sys
2015-02-08 17:15 - 2015-02-08 17:15 - 00000000 ____D () C:\Users\Krykro\Documents\Chrome
2015-02-07 14:11 - 2015-02-25 21:33 - 00003282 _____ () C:\Windows\System32\Tasks\Jelbrus Secure Web Task
2015-02-07 14:11 - 2015-02-15 19:50 - 00003264 _____ () C:\Windows\System32\Tasks\mcleaner
2015-02-07 14:11 - 2015-02-13 23:32 - 00000000 ____D () C:\Program Files (x86)\Jelbrus Secure Web
2015-02-07 14:11 - 2015-02-07 14:11 - 00851968 _____ () C:\Users\Krykro\AppData\Roaming\50ED.tmp.exe
2015-02-07 14:11 - 2015-02-07 14:11 - 00239104 _____ (AV Security Software) C:\Windows\mlwps.exe
2015-02-07 14:11 - 2015-02-07 14:11 - 00000000 _____ () C:\Users\Krykro\AppData\Roaming\50ED.tmp
2015-02-06 21:52 - 2015-02-06 21:52 - 00000000 ____D () C:\Users\Krykro\Documents\Ubisoft
2015-02-06 21:13 - 2015-02-06 21:13 - 00000000 ____D () C:\Users\Krykro\AppData\Roaming\Ubisoft
2015-02-06 21:08 - 2015-02-06 21:18 - 00000000 ____D () C:\Users\Krykro\Documents\Ghost Recon
2015-02-05 21:55 - 2015-02-05 10:32 - 00048840 _____ (StdLib) C:\Windows\system32\Drivers\{17d7b7ef-d2d8-45f1-a2f2-2dea72852c07}Gw64.sys
2015-02-02 15:38 - 2015-02-02 04:33 - 00048840 _____ (StdLib) C:\Windows\system32\Drivers\{2be54678-5f85-4937-975c-484112311e65}Gw64.sys
2015-01-30 23:36 - 2015-01-30 23:36 - 00023760 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DDDriver64Dcsa.sys
2015-01-30 23:36 - 2015-01-30 23:36 - 00023312 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DellProf.sys
2015-01-30 21:43 - 2015-01-30 11:41 - 00048840 _____ (StdLib) C:\Windows\system32\Drivers\{a1f2b2c5-146d-4683-aa34-abcb75c39377}Gw64.sys
2015-01-30 14:34 - 2015-01-30 14:34 - 00000000 ____D () C:\Users\Krykro\AppData\Local\10975
2015-01-30 14:21 - 2015-01-29 22:33 - 00048840 _____ (StdLib) C:\Windows\system32\Drivers\{a4443b5b-ce03-4aac-a749-803d56679b24}Gw64.sys
2015-01-30 14:12 - 2015-02-26 10:33 - 00000000 ____D () C:\Program Files (x86)\Dolphin Deals
2015-01-30 14:11 - 2015-02-26 10:30 - 00001815 _____ () C:\CE.txt
2015-01-30 14:11 - 2015-01-30 14:11 - 00000000 ____D () C:\Program Files\ChromeEnhancer
2015-01-28 22:02 - 2015-02-07 16:14 - 00000020 _____ () C:\Users\Krykro\AppData\Roaming\appdataFr3.bin
2015-01-28 22:02 - 2015-02-05 22:34 - 00000000 ____D () C:\ProgramData\Block The Ads
2015-01-27 11:16 - 2015-01-27 11:16 - 00000234 _____ () C:\Users\Krykro\Desktop\Assassin's Creed IV Black Flag Singleplayer.url
2015-01-27 11:16 - 2015-01-27 11:16 - 00000234 _____ () C:\Users\Krykro\Desktop\Assassin's Creed IV Black Flag Multiplayer.url

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-26 10:39 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-26 10:39 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-26 10:37 - 2013-10-15 06:18 - 01360874 _____ () C:\Windows\WindowsUpdate.log
2015-02-26 10:35 - 2014-11-10 19:23 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-26 10:33 - 2014-04-03 18:09 - 00000000 ____D () C:\ProgramData\Origin
2015-02-26 10:33 - 2009-07-14 03:34 - 00000612 _____ () C:\Windows\win.ini
2015-02-26 10:31 - 2014-07-31 13:09 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2015-02-26 10:31 - 2013-10-14 21:57 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-02-26 10:31 - 2013-10-14 21:57 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-02-26 10:31 - 2013-10-14 21:41 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-02-26 10:30 - 2014-07-31 13:10 - 00000358 ____H () C:\Windows\Tasks\couponsupport-S-649636217.job
2015-02-26 10:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-26 10:30 - 2009-07-14 05:51 - 00089993 _____ () C:\Windows\setupact.log
2015-02-26 10:29 - 2013-10-15 06:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-26 10:10 - 2014-04-04 19:29 - 00000000 ____D () C:\Users\Krykro\Documents\Steam
2015-02-26 09:53 - 2013-10-14 21:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-25 23:34 - 2014-05-09 16:29 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1209329574-1280058198-2886538683-1001UA.job
2015-02-25 21:33 - 2014-04-05 09:43 - 00000000 ____D () C:\Users\Krykro\AppData\Local\CrashDumps
2015-02-25 20:49 - 2014-06-09 17:14 - 00000000 ____D () C:\Users\Krykro\AppData\Local\ArmA 2 OA
2015-02-25 17:34 - 2014-05-09 16:29 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1209329574-1280058198-2886538683-1001Core.job
2015-02-25 14:09 - 2014-08-01 17:19 - 00070144 _____ () C:\Windows\SysWOW64\tasks.dll
2015-02-25 13:48 - 2014-04-03 22:42 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-25 11:52 - 2014-04-03 22:42 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-02-25 11:25 - 2013-10-14 21:45 - 00593455 _____ () C:\Windows\DirectX.log
2015-02-25 07:34 - 2010-11-21 04:47 - 00299698 _____ () C:\Windows\PFRO.log
2015-02-21 11:58 - 2014-05-15 16:43 - 00000000 ____D () C:\Users\Krykro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-02-21 10:54 - 2014-07-29 08:59 - 00000000 ____D () C:\Users\Krykro\AppData\Local\Arma 3
2015-02-18 19:46 - 2014-12-12 19:15 - 00000000 ____D () C:\ProgramData\17739368700324811735UL
2015-02-17 17:34 - 2014-05-13 13:57 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-17 17:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-14 07:55 - 2014-04-03 17:58 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-12 18:39 - 2014-04-03 22:44 - 00298032 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-12 16:04 - 2014-11-11 22:16 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-02-11 17:10 - 2009-07-14 05:45 - 00411816 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 17:09 - 2014-12-11 20:39 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 17:09 - 2014-05-09 21:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 17:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-02-11 17:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-02-11 17:04 - 2014-05-26 20:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 17:03 - 2014-04-06 20:34 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 17:03 - 2014-04-06 20:23 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-11 17:03 - 2014-04-06 20:23 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-11 17:03 - 2014-04-06 20:22 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-11 17:03 - 2014-04-06 20:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-11 17:02 - 2015-01-09 22:52 - 00000000 ____D () C:\ProgramData\adsya
2015-02-11 17:01 - 2015-01-09 22:52 - 00000000 ____D () C:\ProgramData\shoppii
2015-02-11 16:59 - 2014-04-06 20:34 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 16:19 - 2014-04-03 17:59 - 00002265 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-10 19:20 - 2013-10-14 21:51 - 00000000 ____D () C:\ProgramData\PCDr
2015-02-10 19:04 - 2013-10-14 21:44 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-02-10 18:47 - 2014-04-03 17:58 - 00000000 ____D () C:\Users\Krykro\AppData\Local\Deployment
2015-02-08 13:33 - 2014-11-11 22:34 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-02-08 12:18 - 2014-04-13 16:10 - 00000000 ____D () C:\Users\Krykro\AppData\Roaming\vlc
2015-02-06 22:47 - 2014-04-04 14:08 - 00000000 ____D () C:\Users\Krykro\AppData\Roaming\Skype
2015-02-06 21:52 - 2014-04-03 22:44 - 00000000 ____D () C:\Users\Krykro\AppData\Local\PunkBuster
2015-02-06 21:23 - 2014-04-03 22:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-06 21:21 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-06 21:09 - 2013-10-14 21:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-06 20:17 - 2012-06-19 14:02 - 03227136 ____N () C:\Windows\SysWOW64\pbsvc.exe
2015-01-30 19:15 - 2014-06-20 13:55 - 00000000 ____D () C:\Users\Krykro\Documents\WoT

==================== Files in the root of some directories =======

2015-02-13 23:32 - 2015-02-13 23:32 - 0000000 _____ () C:\Users\Krykro\AppData\Roaming\3D7C.tmp
2015-02-13 23:32 - 2015-02-13 23:32 - 0851968 _____ () C:\Users\Krykro\AppData\Roaming\3D7C.tmp.exe
2015-02-07 14:11 - 2015-02-07 14:11 - 0000000 _____ () C:\Users\Krykro\AppData\Roaming\50ED.tmp
2015-02-07 14:11 - 2015-02-07 14:11 - 0851968 _____ () C:\Users\Krykro\AppData\Roaming\50ED.tmp.exe
2015-02-14 15:34 - 2015-02-14 15:34 - 0000000 _____ () C:\Users\Krykro\AppData\Roaming\7F83.tmp
2015-02-14 15:34 - 2015-02-14 15:34 - 0851968 _____ () C:\Users\Krykro\AppData\Roaming\7F83.tmp.exe
2015-02-15 19:50 - 2015-02-15 19:50 - 0000000 _____ () C:\Users\Krykro\AppData\Roaming\AC29.tmp
2015-02-15 19:50 - 2015-02-15 19:50 - 0851968 _____ () C:\Users\Krykro\AppData\Roaming\AC29.tmp.exe
2015-01-28 22:02 - 2015-02-07 16:14 - 0000020 _____ () C:\Users\Krykro\AppData\Roaming\appdataFr3.bin

Some content of TEMP:
====================
C:\Users\Krykro\AppData\Local\Temp\1ck1qtkg.dll
C:\Users\Krykro\AppData\Local\Temp\7675_.exe
C:\Users\Krykro\AppData\Local\Temp\amisetup0748__7675.exe
C:\Users\Krykro\AppData\Local\Temp\amisetup2742__7675.exe
C:\Users\Krykro\AppData\Local\Temp\amisetup4057__7675.exe
C:\Users\Krykro\AppData\Local\Temp\amisetup5693__7675.exe
C:\Users\Krykro\AppData\Local\Temp\amisetup6547__7675.exe
C:\Users\Krykro\AppData\Local\Temp\amisetup6835__7675.exe
C:\Users\Krykro\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\Krykro\AppData\Local\Temp\dwse0boy.kwv.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd547487E31.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd5475EBCC1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd5477428F1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54787BB31.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54787BB42.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd547A1CFE1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd547B177E1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd547C7BAC1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd547C7BBD2.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd547DC64F1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd547F29921.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd548073981.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd548073992.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd548B2A3F1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd548C71361.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd548C713A2.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd548D8C7E1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd548EF2B81.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd548EF2BB2.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd549044981.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54918D151.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd5492D27E1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd549423FF1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd549969FE1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd549ABB821.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd549C18741.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd549C18752.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd549D5E7E1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54A0321E1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54A18C3E1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54A2A47E1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54A57DE31.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54A698FE1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54A7EA7E1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54A955111.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54AAA2E41.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54ABE6D31.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54AD3C461.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54AEB38A1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54B00EA51.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54B124FF1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54B27B851.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54B3DD111.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54B520601.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54B676811.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54B7D1051.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54CA317F0.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54CB82FE0.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54CB82FF1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54CB83012.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54CCEEB40.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54CCEEB61.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54CE25FE0.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54CE25FF1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54CF8EAA0.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54CF8EC21.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54D0CFB00.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54D0CFB21.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54D22B5F0.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54D22B621.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54D380750.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54D4C94C0.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54D60EFE0.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54D60F041.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54D60F072.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54D7607F0.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54D8D00B0.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54DA0A060.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54DCEE070.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54DE7B610.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54DE7B7D1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54DE7B7E2.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54DE7B7E3.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54DF5CF40.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54DF5CFB1.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54DF5CFD2.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54E0EA7A0.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54E0EA801.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54E0EA812.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54E2098C0.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54E49B690.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54E604DD0.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54E884000.exe
C:\Users\Krykro\AppData\Local\Temp\GPUpd54EB26FE0.exe
C:\Users\Krykro\AppData\Local\Temp\ose00000.exe
C:\Users\Krykro\AppData\Local\Temp\qrnhrons.b3l.exe
C:\Users\Krykro\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Krykro\AppData\Local\Temp\sonarinst.exe
C:\Users\Krykro\AppData\Local\Temp\sr43812.exe
C:\Users\Krykro\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Krykro\AppData\Local\Temp\ubi8B4F.tmp.exe
C:\Users\Krykro\AppData\Local\Temp\updr52850.exe
C:\Users\Krykro\AppData\Local\Temp\updt41851.exe
C:\Users\Krykro\AppData\Local\Temp\utt357A.tmp.exe
C:\Users\Krykro\AppData\Local\Temp\zidnzlq0.ihq.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-23 10:12

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS) (Fixed) (Total:1841.31 GB) (Free:364.38 GB) NTFS

Available physical RAM: 12948.39 MB
Total physical RAM: 16319.79 MB
Percentage of memory in use: 20%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: B3F1B0BC)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=21.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1841.3 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\couponsupport-S-649636217.job => c:\support\couponsupport.exe./schedule /profile c:\support\649636217.ini <==== ATTENTION
Task: C:\Windows\Tasks\Dell SupportAssistAgent AutoUpdate.job => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1209329574-1280058198-2886538683-1001Core.job => C:\Users\Krykro\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1209329574-1280058198-2886538683-1001UA.job => C:\Users\Krykro\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Krykro\Desktop" je 40865 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#2 Příspěvek od **vyosek** » 26 úno 2015 15:43

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Po spusteni probehne stazeni databaze
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

VIRY.CZ

Vyskakovací reklamy a přenastavení dom. str.

Vyskakovací reklamy a přenastavení dom. str.

Re: Vyskakovací reklamy a přenastavení dom. str.