VIRY.CZ

Včera my antivírus nahlásil že mám v notebooku vírus trojan a malware, potreboval by som pomoc s jeho odstránením. Prikladám RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vladimír at 2015-06-03 09:43:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 92 GB (61%) free of 152 GB
Total RAM: 3980 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:43:58, on 3. 6. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Shop til Drop\shop_til_drop_helper_service.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\XTab\cmdshell.exe
C:\Program Files (x86)\XTab\HPNotify.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vladimír.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1 ... FPRYEFPRYE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hp&ts=1 ... FPRYEFPRYE
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: LuckyTab Class - {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} - C:\Program Files (x86)\XTab\SupTab.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AutorunsDisabled
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: mail update Service (mailUpdate) - Skytech Co., Ltd. - C:\ProgramData\MailUpdate\mailUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - DTools LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10631 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:000000000000022C;0000000000000234; /AddRef;
C:\Windows\system32\WLANExt.exe 32552880
\??\C:\Windows\system32\conhost.exe "-289961976417626638-172643811-580374706472757307-662128960-882438220-696885124
/QuitInfo:00000000000005C8;00000000000005CC; /AddRef;
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\ProgramData\MailUpdate\mailUpdate.exe -service
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
taskeng.exe {68151812-242F-42DD-9438-F5D8F9781595}
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe"
"C:\Program Files (x86)\XTab\ProtectService.exe"
taskeng.exe {C3C34682-604F-46CA-B8B5-70CB6FA6E1D4}
"C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe" /rawdata=qYSq6x4AIMDcjYZiZDPVK+yMcH/Ps/jMR8MZDbuByAuC0oh8S7vfLyXKQJ5L9EltYChqfZwLZJGfg8N/sHxGa0wkKOsG/q547ikZUCZu6sP+m1SOhMreVLxxZKMlVBZvpY+TsTt49kR97zOAAi/UQzsa2nOhhS2mJ7KpgvooIAeCBos6R5fge1pCJcBGnTpEkdjAiomb0c/+DW5dz0kd5OFiNixSqKq6ULJ8Ol2O8W+KuZmBvJLmNKZ1xXP3w1cilDkdJFXJtf9syWoTj2lyHx1aYjQt9Z2jBjFpThdNiOBw6sQOIJeHr3HY2BfrT1LWY3GsEds/LS95vFM3gHyOo6B3dG3BP6NTTMyBFYNZ0Axx8OGdyfvMqnCG4ASecQwscHunEtkcPQ+WXsT5oT5PxMZVVG+lG4GJqdrC7WFriLOgbxoEDuN3HKXysDztJwpqynofSjENi6cABf6EuQLX+fEqjgjsC255bbEdC3WpcXnfWTkkWVkvLb3QbzHa8FHVXbNLEq73wMNNUqB5tFqFWhMpH/a1c9a6hCqVuFzIwjig5edbHQcJ7oSTTKpqbG3uAm9g6k/Vh7C/xgFzwFHZ8N5MdTwCiye88ZjOTtpVkh04tnVcEMn5Da4FZFLgERX2a1URW8tDL3L4Dkkk2WysePVtUmvJ9xmcS2AY6EM+jh6Zw6Qs2JS32dXYH/dFTHMfKJTLCQRhX6uspRD0WQ95rAAD2w1apb3K9AWGF+BNYuvdFrgLx64Jx+1lEsBiS1jxQRFq0lyPfUk6p9OhxgXpPTCgY4cfLJAY9CbOzk5DJ9HeOZJzGkwrIWdWh+ajOvg+MhhKaGPZn/nhzBRmq/hmFDgtBPO9+C/gO0EGUoBxoO2avnUk9BSPHCWfbSAzJP3XaOAwnt/6Slp3PaoVSwS7hzP99+aWDkeluwhHwR/bJqTg1qExNAaZ50LMtDloin1F7HC+f3KPf+KxKlGK5N68e65j3wYgrQid8Dg/fb/n5czAGflcOaJNRZTIQk4C5eyckWsM7Knk9Ben7NCOXeQhx6NsaY4KPeyYAU3GHwOiZ6ENOWLE7TzNJUTjVS9KcrNfgKPS/imRIGN+B1BWIzpxHGxnFFa4Bbe0vIvIzWuQOCLbMmM0iS1eO6Fop6o1u61GTx64tgisvoOY6wKHVKk4bYZ6wuRx7TOI+RM6QZr4q0AMJ0slhF/Fzx75Z+KpWh42YgTMwDuZsmfyb0WEppWHbyJ5+QwktnR7jkX0FN21Bzkiz20hGPDoVq+p5zcMXcVkUSBN7l8Zr1gtnkwW4p1WrfrQYLkS3egCCp3yJurufPvgLXrL2JpjCG5C9oVMsrvzAPuggv+9GCAGfmn9nU3Upg==
"C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe" /rawdata=gFxda4j0bYdQU3GNqPV2rsGBUrHrV4EuB/4K8+OZoaW/fF28CKp9FXmQ45J0WhCLTafSAp1Nu8aOkjZjMFeqcMvy+QUI7vHt5BRx/qRIGucU5e62YD9PR/19GbFJaUb4iPnhjvfVm+5VSCjYhzy9UOahzJNTqGDJN61Deh5OpwIYdO1SndKuZc2J3X3XlfdFe5RC8E0C0Qovata796OLOye8LSlGLUkKjqJLAqG1T+iPrKcNH8pYgREwCMfkUmIr1lENIKLwMHbQgpTGaCH+8Px6+XruhZsdvTL/NJBtKnTLFRC7rISLaaXh8niI307Qet8ADgPvJ7mzREXgpdf+oDCH++MLoliZSwMI8ZupNDrDvw+NWGoGLF+oHmHkc9+foTOI+kluFWDlbWMfKyU8nRf4pd450ucXXl2AnEF29xY6vIscPsBayBVUAiyh6Pyuc5PO3KrVuVJNxdX72x2h858cy9/Eth+5odRUkQABFwEDPBqpqVR6k6+m8q5RqlnUBssUpS5rz94AL+iC4tgNE41t8snDn3abMHPqkjK/LJVw90oVj3OAXZKFRFZ5HZDJjaRJnyeHe7M1lZ6NcdtM1JUT3cJLM1ndGPOx77WMmCyrKu2ByJ+Hn+zN3ApXZYWizH+1V04LIo4osAjL+zFxp3QqdnrDa7D39Ai4xCizIFh4lunZ4DLGIGFFwM8huLigdosnW8AxcHtfxXz2rjvw0NtRCZ7vPkM5r+INDgGuyE5iEMhD/g8nNWjkmuvTAY1+vCR+N23A65gtNxg9hoBX1CGZkyH/o4mbNCXOKE2ys0dMZS17uztQkgQ/75bcXTGhucadWeAXt3l4R5uGoaWBxgnArmgdLOPBp55FARihTQM7kwz+yHFukcQrwIS0LENVonQszSldBwYjNmgGvU3ulJhSATN8YDso/NynsYb0oXBjogMyryJhqazImf4tJ+irHxdHoUyWn1XqqOOojWsS3MbX07k/IJPYH2hM+g+t2+QldHyE9OQTAWC6Avemz8m1qLoqqQdS7Aor20iw8wBFdT0CHIP5x/S2GraXnfEPcvowELak18zLZdpcqT0+o5cZe7rn+yKk765ApdV9jEqNSbyIcHlqaBqPgoMNBMg1dhwnV1GeH37TXRyRi31/pZNDKuZVaQk3CNOn2OnO+wYpkMoCgLR01z4nitO3c9J2d5Os1JYx0Gh2aKkE9mE+u9EPowKW2r68d7DpHcCWhyG5yf8M00pra/X8Yx2OC84WLGB9oKeZb7TWtCPq8gSTJZAD4ZEi667u9G8vhkWATsyLgmwgTT0H5S667yEOh+vvIhc4TXFfGQBQK5Va6gx1w19Pwtkd74XiA7l2HJegqKMDUmE4ie6f+2ariB0sXomE8cuT7UfMEL3zqNRnF5ViTzlmRxcdA72aniZp6XEP9/Y/qlR1lqhkQdhoxEHZEulRd9wQyyFHhJu9dQX6AR7RC4FzvMGeb+I7g+VVW3/4m01AafB+WglZlBzY3MkIN3QygJQssFjtnORN83c8HTtinaEGHaHppSHSxuxvDO+DPEwSxSort2ZBtsJc45StVIqfbI02bR1CkKks6SHMrbSpGRSig9hGuoiB4i3XbDbm70N0Yx9OXOe1Rg7k6wWuQUYpzSq01a4exCPqrUWpaMZyx7TLdN/15DglWQb23s8vqUsB4lKlYaJzG29nja+JOu6p0LVoO5nqI5Qh1npNieogolh/kimcUnECZ4bUea40kDV70mynh6wulMzE/tqjZ1OaqVMJr3bfHjlNIpbxsVPw+vZUr45/GXKdERfvvaD3QJShBLief6qOBkZUfxAHJNRaUZ0f/UMqs16YcphjppYNkKFhGPee2GRjItyqaMiISoRyxUbTYDnfx7DWsbdfp/DsMKg0ehkA8m/0vxZxA1CpBREg4goYj19fdkuNqbHl5eHOJKGy0UbHpGVUz0VWBRLmR42EXeM7aVYB0S9BRUiYGJ1FrhuP8cYeCCLTFYQCacEDpxobwKXiA7uHSKfzeMIlFE0yBSOVaMW3NR7Sxp7mFFUyuxbwXBS2bm0RryWNzZQeHxpwdlPQe8Ao3EKgF/wwfQq6MXcAu0cC+vn55ZHMDBUXn7IQ4ouwb6fyN0mYub0l5zc49V0FHPpCcx+EZoTog3IsLXIpXmvsH3TZDZ6CtLmHPzUTykPj1LRgvUDPD7AqIR8z8gHADGo5gkHC5fzDxI4P0ZonJWdM3QssjNqNts26z5LARydTDvnexZRs8ND9gNyw0ijewLhN+WgAVXKRlieQKVR7aj/UrgmPMv2JZ9uT37gdSzM8XNJFIGQ4eZOelBkmNiJzxBpDr1xZiGUNjt+scncg2HRNbT5Kz9p5K6gQm0Ao2f/+aecFMf/yFCMW9lnFK+DXpJHsU42XqJMdhzzYLUxx1CV2aCpmLtXNsCydEA+vj+b3TzmCtOSV9TPxV41QqBtM9sci4xCifEAkiyT4SotR+Mb3b/fUofFDEhTiWVUDxnIYDQmEAMH8YjKzMcVbszJXyNQ7Smd9pfhPNHHTosI3MbfAxRgI3JCUyHKO
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Shop til Drop\shop_til_drop_helper_service.exe" /installationtime=1433277543 /AppName="Shop til Drop"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\XTab\cmdshell.exe"
HPNotify.exe -run
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"taskhost.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDGesture.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
taskeng.exe {39B959FF-E695-40A9-9029-81BC0BCF9C6D}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6016.0.1596501480\111727231" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,43 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2653 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/ControlForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="6016.2.1035853489\1434016298" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/ControlForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="6016.3.871839802\435609795" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/ControlForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="6016.4.365883\693323951" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/ControlForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="6016.5.614932419\1762124402" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/ControlForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="6016.6.378441703\324363646" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A6_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/ControlForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="6016.9.1221798287\1071047578" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6016.10.2004491900\1673702441" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\system32\GWX\GWXConfigManager.exe /RefreshConfig
taskhost.exe $(Arg0)
C:\Windows\system32\rundll32.exe appraiser.dll,DoScheduledTelemetryRun
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Vladimír\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\BYAIAMUF.job - C:\Users\Vladim�r\AppData\Roaming\BYAIAMUF.exe /infocmdline=ftAFnTObcoBipr7QrtT/nKQ9HLmLNPH0Xcp+tFFFsRKx1ULOWz+wPiV6YDaOWNy/rh7L2fYvVYObCsGhDG0LgRBBWxvx5H0ltvDfGoGa5YbU9tJ3sT4l624Maw0EOt6moW/rGP1kSbGkEFw6qu4C3UFOyq4LLevfIiu1s18CBMg2EtsOH/CaPgrALH+laKEdFBSU1xg5UACuo2cwKxPpTFWVyx7mn1QxyKMznpKIkpCINmdTbiJLccQOr2hwdpjFW3E9Ng79SWyNyZxN7Npg+4JKtsSHzL/DKkigXHrcpg04SDpb8tGpXWd2fyPa1ZZ9PRJ43daEkBUDE8z9pjEAi6nDIAUemw2jScGMIFapC4OK5RUFHrggfChqixtrcIkZFpD+rq7hYPZC4HZOb0TGtYCY81Bk1XL/5LDSVzH7HqDBIcsBVGlP7StfFcxMET5ow+qC7OuldWgXJzhiRDLiLcQUtFrQr+MbtKEn96GypnKYhMGt13pWRp1o5QfjHRRgsZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe /rawdata=qYSq6x4AIMDcjYZiZDPVK+yMcH/Ps/jMR8MZDbuByAuC0oh8S7vfLyXKQJ5L9EltYChqfZwLZJGfg8N/sHxGa0wkKOsG/q547ikZUCZu6sP+m1SOhMreVLxxZKMlVBZvpY+TsTt49kR97zOAAi/UQzsa2nOhhS2mJ7KpgvooIAeCBos6R5fge1pCJcBGnTpEkdjAiomb0c/+DW5dz0kd5OFiNixSqKq6ULJ8Ol2O8W+KuZmBvJLmNKZ1xXP3w1cilDkdJFXJtf9syWoTj2lyHx1aYjQt9Z2jBjFpThdNiOBw6sQOIJeHr3HY2BfrT1LWY3GsEds/LS95vFM3gHyOo6B3dG3BP6NTTMyBFYNZ0Axx8OGdyfvMqnCG4ASecQwscHunEtkcPQ+WXsT5oT5PxMZVVG+lG4GJqdrC7WFriLOgbxoEDuN3HKXysDztJwpqynofSjENi6cABf6EuQLX+fEqjgjsC255bbEdC3WpcXnfWTkkWVkvLb3QbzHa8FHVXbNLEq73wMNNUqB5tFqFWhMpH/a1c9a6hCqVuFzIwjig5edbHQcJ7oSTTKpqbG3uAm9g6k/Vh7C/xgFzwFHZ8N5MdTwCiye88ZjOTtpVkh04tnVcEMn5Da4FZFLgERX2a1URW8tDL3L4Dkkk2WysePVtUmvJ9xmcS2AY6EM+jh6Zw6Qs2JS32dXYH/dFTHMfKJTLCQRhX6uspRD0WQ95rAAD2w1apb3K9AWGF+BNYuvdFrgLx64Jx+1lEsBiS1jxQRFq0lyPfUk6p9OhxgXpPTCgY4cfLJAY9CbOzk5DJ9HeOZJzGkwrIWdWh+ajOvg+MhhKaGPZn/nhzBRmq/hmFDgtBPO9+C/gO0EGUoBxoO2avnUk9BSPHCWfbSAzJP3XaOAwnt/6Slp3PaoVSwS7hzP99+aWDkeluwhHwR/bJqTg1qExNAaZ50LMtDloin1F7HC+f3KPf+KxKlGK5N68e65j3wYgrQid8Dg/fb/n5czAGflcOaJNRZTIQk4C5eyckWsM7Knk9Ben7NCOXeQhx6NsaY4KPeyYAU3GHwOiZ6ENOWLE7TzNJUTjVS9KcrNfgKPS/imRIGN+B1BWIzpxHGxnFFa4Bbe0vIvIzWuQOCLbMmM0iS1eO6Fop6o1u61GTx64tgisvoOY6wKHVKk4bYZ6wuRx7TOI+RM6QZr4q0AMJ0slhF/Fzx75Z+KpWh42YgTMwDuZsmfyb0WEppWHbyJ5+QwktnR7jkX0FN21Bzkiz20hGPDoVq+p5zcMXcVkUSBN7l8Zr1gtnkwW4p1WrfrQYLkS3egCCp3yJurufPvgLXrL2JpjCG5C9oVMsrvzAPuggv+9GCAGfmn9nU3Upg==
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.exe /rawdata=SYMnTQKCtUTgPVxwa5CQHr7V6R67DwAwbMUVJreladVAGIhWpV6vCHFf0Dd1uJIJ4K3yMYEFzT/DFhaxz4D5T+FGruaEc+d1ziVz4X/NfuCerhQIhdIBlxE2daLdUK8m6ub4v/yN4iIYFeCeB5YMrmk6hUwo0+d9oOy5j6WD1bR3ElWBCyQv6sGfbqbaBDK2zgtqiGEGWL0Xvu8NTUeFtIDGeofUTowZdytxnk232FqUqxdOo51UIuu5MKUTAACK8cVvhJu7YNVhLl/lpF4GvEoWvn7jQ2L0b/cXgvvkmI1q5+m9hsIxDW/NNIuxV8I+7DHN3DtDECqGRB2qBh4Re2WacBVWTB6SU1q0BjmUbBo3vFpK4uAlHqku3ciUSdHxlsoAfrLUA1GTVkwVc5leCJWPVKwcnvkcQf+ZH97YGTEXiA5cyTCyiGBoVpTnHQIuTAy2WJ+bjbTE8RG7qQDcy5iWfp1MHktAg5BmgLF8wy9FZf3/1GvmvKDyfMmfVtF6AzpxFX7ucpFuXSZ1vZ6TZlezGINOniVe6x6VZ9HxBmOr6HXUrFhT1h4SYuKjU/Buse8tX+ND2Hb/FyAj5WVubROnsvGRV5yRpW93XMQvwf68U+arN1yeZLQ9sGTo3buLx5HCIq/2QnnnD/IGR6PY+LlEH3nwyCBcVkLSsv0AJbol6XxZ/SI+G4KXH/SWB5tVIXUs9ycdt2sm35zdD+DQSe0ZGfGP6Qu2uvBDjMDBa68F8+wul8oDhXc9lQN3Db9Zx3Zz/oTF9NHG7ZWtNYpcsJV1yYG1zU5FP4VpRidBW+sICdjJqui9bvrb8b7u9mPqoacvdIz+S/rao+5MJGOvtrr1iAOSTs7VBBPjYNsCHPwAbVxFGaX/Ht1cdJgiodZhWHh9Q6xw8mtUgyCb7jkXKi5C2vgeGnl6WqaO0khuPqJQ5tDngqq9GZJVqrQZwEfUUWvu5bke8c4nIyQ1neqdg1XfOmhpZlqFf0g3Ss/CyxkyVr7v+sYH6sSwA6+VeyXOBZfBQmZRWgOMEhQKFSzjkf9hG7eH6h2/IekRSgIN49W8AFod/G5DufP4l6WDr896N/CwtiAFIcXCbREff4cvpLHbY4JGThgVI6nrbdryRuay8iHMSG/RLBN1X35efEtHLeo01OHzKdCryFkMRMSpE9iiFpkIHF7kGw2hKsXhnlchORdiWxV56M/4cAeGN0zqm+sySjFpSWQ/j2IiMTl+lf5zsoNtb2eJMpa0cCvuFF7txYZb/bxKm+QRpNMxNsY/AjdqJdsYyZLG39MfIiySejx0flQsQOtZMl0hkLWVWhwM2Kslg4VLZwiPlDdc5g+nMi3wY/jaAXRKnpFwtHW9D2CK2PvkAWRXa0bMOqCI7+76tltFcrlEEytPTYa98ElWYqfemMUkR/usqObRrT0S2lZalv27uzWngbi9OHAKBZA41npPAjqWxxPj9Gui7gJQlq182CSnt1w0gsYRs2tbcfj3T7zeBz1BL/WmYgZg32YuwxNodGmcWbu6z/qJQVOE
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe /rawdata=FA0xe3ejMJpw/2IJ9+rP4IHA+55Qng/bICRGCIF6BdY0wrFPIQzUcfBnSXCusXBDwYsWia8Ka2lBqlBtQ7/kheIGp1i5H3q+YLGE/WsJYmiIiRHk7HpRqxUUVbDkjbN//tSI7B+LGfU1dzh6xmbvjqeJRKBZjmXbm8w4ia/m9wwQWHw5knT8JVBW7/vLi7/WEEBX+br4mn+bwJ5qHtk2chsYOsKd/rPNgUnROHxGR/EBuKG9SZaifXzCxLa9fEXhE6YauHbbK2h/Xyz0bfZg//AAImL+0avpojtU7T+OPXwn0iYqfDkaKrjDqn6pqPTO33DVfCvHOiYA08vrnaS7DSlxl3/amKv61DYyJYuZ/9nbnhpYJqp/TauvkC+7f9F29S2Tq450xnOrZGrZxp73hAmoDzaqa6DOpJwC11+octoRB2at74P5/2vX+JPsnPJRo2cxMw2Fqo+k7fWTn5tPu8BH727ChcbNWxYKDJppKjbLkz+7++asyPBerLgUfTznqtaHSyopyptjy5PwOjNwNQLj2BxLVI+wIFVgqR4NdC3ibitq+Rw1sYRfvy7AGxgaEgvoO0uUtTHubXVMI0tzhDHZDwEhWRtqB55Q0e8G/+r4erJ61jVs7d04D3ko6S1zDxazyArKz8UIySli3RBr68V1BnFctAexZLcACzHmBbN3kkGmAdlIdnvD2+xgM2ynda4EVXA0fMtByuWL93EQ2ymt2X2VMiumzNDNqOCvxWuhqbhXHAcB5f1kExaodoTuMjzuNG7WEsi0unnYQ3MWpzRSiPq6fx5kdubtCi5BS4GgqtvGlG+SrFl7RslVyd6D6EOAkMUuBTCmw06/p8k03A==
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.exe /rawdata=eMbYeuVSliNax57Luq95IskpqGmrlxHRFxl+ZOsvTzjPG0PjNElf961jaIPe0s5qMasYkPrII2lXyyCQP70e46rA20M4HAgQlOYu7fE3S68u7XeT8lsqQYVxc7p+Jjbz+IpHB1G8yZ+hej8zj56ENmAbR53XyXuZWM7Jx+/1MA1TPK6VaQ6fwgZEVdNCM7aZT/3ULfUkQsYJPiQRwgVF6avNIy2Ug2NUJXkQvDLAdpk5kVcgjBvmMBC7akMvf6B4kEtk1KZHE9UxYAYWQWk8Yb8yS7MdM+itXp2DF+WNdEHcXBnlIWMIyn/A+h7hg/6fKu/lZiyqDorWd499iE4VJKcAcRc9U2glWulYcxWe3C14RKW0uQl03DB2+zuE20jUiFgT3se7tLZilBeQ7ZthkClawl5Aj+nrrZ9JxSaPAB+Rq2j5l9B1AnHABd0ATmEQkzzpsrE54AwZ3Z8ko+dTbcE80tR3BFRCRLzGDuXeDwmV2JsEl/2FEmNZBCTQ69K0LdKu29eojKhpZmoFS2xQmXKpWtijPM2Vcv7sihpInlGJzR1eDW8KOn1eP6SxLGJQ1B+QRupo1zDtvSJw7FeAsHcNS/+Hhs3/nnpgvzthCj7jEjXxB4g4a4Zttzu0hp2drLlTqJrU1nJ6HK7X06G6NY3ygUzBrt/OGFqNaGxq4gBo8PvHv+gZ+h9hY5aT7XuBtiQZP9XMWjehjt+GMmskChu158nf8WfkGp2vLKTFoD3R0pKj/MIFv2PeW249Zd5K5ASsS+iGTVjuQx+OVOPt5a0V1WSBMtp5c+7hoUv1NdEz+IZFt3k9ka+m6ofzpE/nms/z8P216fl7/2WrobQUmwPzhq++OZE+Ozdms72htHOdHBhjiT7IEmQuVDPdymm6SNAFI0P5hEOSLGsaJ3y9W6RV481MWXbbhTzXjvJOsxzsXab0y19EtRtN6wnVvMdzgCXItB7v94l0sHQ94SX1vnlQ1RMcyihWiB7ax31PFLrAS2pFFM0djOFo1qpibN1Ou+o/Zfd7oSP1SdJmqj7T2Pytxxnlnv2jobPHTwA/hkLtp12rz2XmaOPOrc/ysFHi58HdXEsCdi6zTYQDl4N/K95N10y2Y3/sMNjRYrHA9qijTNYjYgh+yDANErBLdk5L9UQ0JvB8hfz0R4h9kxBRlHFArUzMzd1VcOzCEtrsbGZGSPiuiF/ex7tE9UEoB4Z3KN6p2T8fwtnyZhEu1pBCm4Zns7VACKVa3eQ1Pk6AKX7XQsMNCE0iNqPw9rO3PhpziPfPMqwuWhqGng+0jTF5zctNALybJqFxWjlIjsYyZCA6JO7bJIfsGhI42iRKqoBOFlRV4lPTHuwvvsiw7/zLFCE/eAs3GLBw5Pfz7kue52zAR/fy2db3XD3iF9eKr9+9cnbN/hznDF+o/+8m8n0jLtPVJ71EoRkKftcu258MoGj3NG/593S6vVpO8eC+BpdWRShydu5qk/P/DM7j8D3lRx4oMKZeDfMUhsOq3aJbMuB5AmrBfmNUAsGzm2PAyh3TvRupI39znmo50ga4A3HZoC27BvTCPNsZNilpUxLLPCv5LTKR90HEvP58fcdTxdlYhwyw4KW6pV7JhsuMgLrTZRhlLDZ1kDuSeIikyVb+OPEVB+cQHQ3wcLRZP0eNhDY8KylGD57e2F1cwg6wVlFZoJYAU5bm24kZaZYdMb3jjvEFeHyAzNmzeWlGHwGR2F7+ylvZlTCXQta/OIY5ZkWMKWVgD5Sd51CAIVDw4FKR2vEiB2Qj37O+TBuGN7TUuPRkNvqRdMogpBzYz2Lr4OUes8dbw0Sfgywfy6e549SIU8haekCvQlhyXdMKObuSqDfkS8lWti5u6PGM9Haw+e2IXA==
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe /rawdata=XP3SBIlh2W+MYUWBGoaqDumD6uD/kPxF2yQrSMrFLOEyiU3jY3k9d7GjrkS/3ErHlbcAI4XWUUtbAtUMwgm+zdcK52YiqZuwPC4/blTMnCnr2hIvH4sv6KGkgJ6wjLr2oeOykBlsu3SBP5KLRLknI016NPzx9FW5CV77pyb8XEGnxMBfxmLnR5AzNZp+OSacR74y9+0k79z+4nhhGcbRIUYbDk7v519pbrpc0Xks0uYBr1rG91QYDxNA+C9267zMTjjlv8QEKgPcxcOxFkezKbgBVUT2V37cE+S1Tli/0ZjDlqIu04PeNYz4v2V5Bbptk+AYUnlMn5ydI6DtKvQF6oZvIjVPaqBtVlcRetbzKLOUU3NXhlUPqdwa7EeZtYkq/EAkPBT/qBlZcZUslxy2lYR+HF8K0tPCnFp9duxOvJD2WmrqaK9xsJuS67QMwsv/IgDO84QEmRBAJLgJieVPUSLJymofsJcUwdrANIQDIS8Po907RE3LSCzGcP/K9J3OGoYoAe8j7QGO86DpbkV/yu/jhhrCKAwbZBN2LmpdNU2cPxAAV/G/Yu/q2KgzSxpbF1YDYJ/beXNvO1TrIdaAFueLxpWvEmIxy6lNEQEOgEGMOtGGLcFD6LneboUSF4RjkOqxs7YLct5NLANcBKcYRDAhDri8bsxQ3Yqd34FkKi24+1JnXyG/oHXdl0sUBomrDGjeUPRFI6YNK/8qam8cFGrRC983GkpXqRExVLu26pL0tPW6gEzU3PgVn0yXxg/z2QeUhGtKvD+rg4gKk8nuRSsnUDCD791Ji6izp4R2d3Mu4XGfIRfMzk0bjjeTWMJRwqDxTREHr2yY3YP3NPrzQhftnv34vlXpTt/eBe9knVFJRGmbMAn0lsfKK+QzK5wB7FFpntOh2ZOe0jxjhxY3p4atuTz1eO6v3I7LOfgBxH1n3YtbJELkh0yGZBNqr9MKXt8T0EcSx7y8Vy87jw9lf3ojywH+dqC8RQwSeT9HXpimh5FWXatdbZCiwsqfLBDw
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe /rawdata=XP3SBIlh2W+MYUWBGoaqDumD6uD/kPxF2yQrSMrFLOEyiU3jY3k9d7GjrkS/3ErHlbcAI4XWUUtbAtUMwgm+zdcK52YiqZuwPC4/blTMnCnr2hIvH4sv6KGkgJ6wjLr2oeOykBlsu3SBP5KLRLknI016NPzx9FW5CV77pyb8XEGnxMBfxmLnR5AzNZp+OSacR74y9+0k79z+4nhhGcbRIUYbDk7v519pbrpc0Xks0uYBr1rG91QYDxNA+C9267zMTjjlv8QEKgPcxcOxFkezKbgBVUT2V37cE+S1Tli/0ZjDlqIu04PeNYz4v2V5Bbptk+AYUnlMn5ydI6DtKvQF6oZvIjVPaqBtVlcRetbzKLOUU3NXhlUPqdwa7EeZtYkq/EAkPBT/qBlZcZUslxy2lYR+HF8K0tPCnFp9duxOvJD2WmrqaK9xsJuS67QMwsv/IgDO84QEmRBAJLgJieVPUSLJymofsJcUwdrANIQDIS8Po907RE3LSCzGcP/K9J3OGoYoAe8j7QGO86DpbkV/yu/jhhrCKAwbZBN2LmpdNU2cPxAAV/G/Yu/q2KgzSxpbF1YDYJ/beXNvO1TrIdaAFueLxpWvEmIxy6lNEQEOgEGMOtGGLcFD6LneboUSF4RjkOqxs7YLct5NLANcBKcYRDAhDri8bsxQ3Yqd34FkKi24+1JnXyG/oHXdl0sUBomrDGjeUPRFI6YNK/8qam8cFGrRC983GkpXqRExVLu26pL0tPW6gEzU3PgVn0yXxg/z2QeUhGtKvD+rg4gKk8nuRSsnUDCD791Ji6izp4R2d3Mu4XGfIRfMzk0bjjeTWMJRwqDxTREHr2yY3YP3NPrzQp3F02NQnawBQ5Lkze9lBuaJfQ01Kb0XewrpsGRmV4Rf6X2Ix2C8d0eU82T2lY70z2QFa9tahThgN4kjQfLUuiG3IZ7cCHb0xNRCKuq28vpY2UeLKH26qeT1Ao6B4mdVJug6DGev47/eLwijf8kIdndmcaExQp+ICjJUuUuKJn/o
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe /rawdata=gFxda4j0bYdQU3GNqPV2rsGBUrHrV4EuB/4K8+OZoaW/fF28CKp9FXmQ45J0WhCLTafSAp1Nu8aOkjZjMFeqcMvy+QUI7vHt5BRx/qRIGucU5e62YD9PR/19GbFJaUb4iPnhjvfVm+5VSCjYhzy9UOahzJNTqGDJN61Deh5OpwIYdO1SndKuZc2J3X3XlfdFe5RC8E0C0Qovata796OLOye8LSlGLUkKjqJLAqG1T+iPrKcNH8pYgREwCMfkUmIr1lENIKLwMHbQgpTGaCH+8Px6+XruhZsdvTL/NJBtKnTLFRC7rISLaaXh8niI307Qet8ADgPvJ7mzREXgpdf+oDCH++MLoliZSwMI8ZupNDrDvw+NWGoGLF+oHmHkc9+foTOI+kluFWDlbWMfKyU8nRf4pd450ucXXl2AnEF29xY6vIscPsBayBVUAiyh6Pyuc5PO3KrVuVJNxdX72x2h858cy9/Eth+5odRUkQABFwEDPBqpqVR6k6+m8q5RqlnUBssUpS5rz94AL+iC4tgNE41t8snDn3abMHPqkjK/LJVw90oVj3OAXZKFRFZ5HZDJjaRJnyeHe7M1lZ6NcdtM1JUT3cJLM1ndGPOx77WMmCyrKu2ByJ+Hn+zN3ApXZYWizH+1V04LIo4osAjL+zFxp3QqdnrDa7D39Ai4xCizIFh4lunZ4DLGIGFFwM8huLigdosnW8AxcHtfxXz2rjvw0NtRCZ7vPkM5r+INDgGuyE5iEMhD/g8nNWjkmuvTAY1+vCR+N23A65gtNxg9hoBX1CGZkyH/o4mbNCXOKE2ys0dMZS17uztQkgQ/75bcXTGhucadWeAXt3l4R5uGoaWBxgnArmgdLOPBp55FARihTQM7kwz+yHFukcQrwIS0LENVonQszSldBwYjNmgGvU3ulJhSATN8YDso/NynsYb0oXBjogMyryJhqazImf4tJ+irHxdHoUyWn1XqqOOojWsS3MbX07k/IJPYH2hM+g+t2+QldHyE9OQTAWC6Avemz8m1qLoqqQdS7Aor20iw8wBFdT0CHIP5x/S2GraXnfEPcvowELak18zLZdpcqT0+o5cZe7rn+yKk765ApdV9jEqNSbyIcHlqaBqPgoMNBMg1dhwnV1GeH37TXRyRi31/pZNDKuZVaQk3CNOn2OnO+wYpkMoCgLR01z4nitO3c9J2d5Os1JYx0Gh2aKkE9mE+u9EPowKW2r68d7DpHcCWhyG5yf8M00pra/X8Yx2OC84WLGB9oKeZb7TWtCPq8gSTJZAD4ZEi667u9G8vhkWATsyLgmwgTT0H5S667yEOh+vvIhc4TXFfGQBQK5Va6gx1w19Pwtkd74XiA7l2HJegqKMDUmE4ie6f+2ariB0sXomE8cuT7UfMEL3zqNRnF5ViTzlmRxcdA72aniZp6XEP9/Y/qlR1lqhkQdhoxEHZEulRd9wQyyFHhJu9dQX6AR7RC4FzvMGeb+I7g+VVW3/4m01AafB+WglZlBzY3MkIN3QygJQssFjtnORN83c8HTtinaEGHaHppSHSxuxvDO+DPEwSxSort2ZBtsJc45StVIqfbI02bR1CkKks6SHMrbSpGRSig9hGuoiB4i3XbDbm70N0Yx9OXOe1Rg7k6wWuQUYpzSq01a4exCPqrUWpaMZyx7TLdN/15DglWQb23s8vqUsB4lKlYaJzG29nja+JOu6p0LVoO5nqI5Qh1npNieogolh/kimcUnECZ4bUea40kDV70mynh6wulMzE/tqjZ1OaqVMJr3bfHjlNIpbxsVPw+vZUr45/GXKdERfvvaD3QJShBLief6qOBkZUfxAHJNRaUZ0f/UMqs16YcphjppYNkKFhGPee2GRjItyqaMiISoRyxUbTYDnfx7DWsbdfp/DsMKg0ehkA8m/0vxZxA1CpBREg4goYj19fdkuNqbHl5eHOJKGy0UbHpGVUz0VWBRLmR42EXeM7aVYB0S9BRUiYGJ1FrhuP8cYeCCLTFYQCacEDpxobwKXiA7uHSKfzeMIlFE0yBSOVaMW3NR7Sxp7mFFUyuxbwXBS2bm0RryWNzZQeHxpwdlPQe8Ao3EKgF/wwfQq6MXcAu0cC+vn55ZHMDBUXn7IQ4ouwb6fyN0mYub0l5zc49V0FHPpCcx+EZoTog3IsLXIpXmvsH3TZDZ6CtLmHPzUTykPj1LRgvUDPD7AqIR8z8gHADGo5gkHC5fzDxI4P0ZonJWdM3QssjNqNts26z5LARydTDvnexZRs8ND9gNyw0ijewLhN+WgAVXKRlieQKVR7aj/UrgmPMv2JZ9uT37gdSzM8XNJFIGQ4eZOelBkmNiJzxBpDr1xZiGUNjt+scncg2HRNbT5Kz9p5K6gQm0Ao2f/+aecFMf/yFCMW9lnFK+DXpJHsU42XqJMdhzzYLUxx1CV2aCpmLtXNsCydEA+vj+b3TzmCtOSV9TPxV41QqBtM9sci4xCifEAkiyT4SotR+Mb3b/fUofFDEhTiWVUDxnIYDQmEAMH8YjKzMcVbszJXyNQ7Smd9pfhPNHHTosI3MbfAxRgI3JCUyHKO
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.exe /rawdata=tmGWWCJADds+iTHY8amo+I95xV0euyNrOM2BSEuAoDZjUzFtc2/LokOpfd1C/fT2uo1Rv8VEzS17G47LOJffSSIZWPqlQLO767I7HK3drnespC+F+zp93TS6f2wscXdBY+XDBL9PbYe/RKkPGFl22vm/A8bGxwpAxezkd/IdV6JTb3h7CZCVpxxMDVkgp7Mlk46MEHIWfBHJNH56Tb7wEMDyBhBYt5DGXvvG70e5r7Tg1CUx83uzxAaYB1BmX3KT+H0+5ImWK1mnsjvUrt4Ox/rrE4RBQ63L65iOD2r9ou5fboIfO2LB//KtwwWdswGJ95nvMH8mJzsimHFe46IhUaAM6DYPnkFULIakDsSgt4diJck0s+SCfkFOR1oTZc5V7XZ4dYRQKZscYfTivoiEr44HpcvfCBxGbgcZmfbiQQ24kZ465dxvVHqjnI+el9BM+IrKhzbj+thna+PdpL0/IV+VYk6sj+jXdhJjH5hzGo60egqTfQ8EzgpYDIAz1v0sLdR1zhIaWT2lumo6LvFbgOnrKjKSyDAVrLIJ8eTlvqofikYbbNhPp/FcV1LxAUFTNDZdTQgOY9hwit/v6nZP/1yWp44Kc+AxaKKTII+oJbpuugyj+SOGDPZ4DHSFn5PxMVsUkE1iDnxFJdvi7AoO9R8N0pSBlxAqQeYnpjbZb9e8SjO8kb/EIkFo4FJE2D/AemWT266EGXQSSYuhbQfz0+F3nhfaiTk7S2jwJM0R9K7KlFDWyShZlWr8xxCZiTDDda2051YnQzh2ZmPx02saul6Y48aekuCJq/B0aNqX88h440HoN6CDLrHcmN/5B8EU12zzpI/l1ecyvnpWfD4ef5iMPLvOTpuXuExbhVVnM2l2VdM6OIr9THMjHW3iHEY7dJh3TRNVRV5IcjMryVFnn/j1F+S5K+xzV2M3x89IyJFNRBo6WKlS+NrhPsH5KFHA1C1ZiHZvq7URMOz8Vn5pTonb/ohKnIx9fiUEaw311x75ApWiR8FXy02YBqr2hrTyLfUpdjEMGZxMQDkvG9CTJ+zKAxmgWyTFkqbVMHC6wnR/ZJnjqb5U1RuaA46TkAi43QvrUu8GZ8uABB9r8LEbNHHemrOttgpikNEfa7DzUDzsKozJYcJVaZzVZNzfpFVQ7mGYec5hgWLME1w6czXinL5ElmZMZbgM83/2ySc6a+Oc0nRdZM5jap5QtvgkgK75CJk5AEBcnk3cAwIjPHN8skV9Nk8aHBfLuYLTsNcuICo05Y2aOkdHEXqdE3zV577Pe2Qr3F1MxntUpZWUoN148suR8g/6x73T0kczXhMa05emXIacEv7uykONCpwUC66qyHhjL6Gcl9KfhxKRDbNsIomVUx97Uh//EOF/ucckZG7o/GebFQgSSILscDGnKXKNGX8VBUPMxllJSJ/SZ0f02z8A26zPkylF/dWE1Wc0pKZuKW8/xIylFHLWq/OyMeAY7diLcsLRqlm4uXPbOOvSbiLAJT7Hr6Un0Aq6gesKUxcaKzsDblqGxB+npNuYn15YxWAoDT/C0Xfd2VvnQBLDXEluRnMuK9DfWwTgWHUWq5rhhdZDHfhLqCcpmEvwWEfbfsBRUP1zcecCDUEN6SSwctCQK9/+Wh1q0z6WAtiGb0PTWYdePTbEmO7rdAThTY4/HvNhngoQk0JimCdrm4kZzgETiqnsolgyHC7UmtvqfTCuabC56sXaWXypGQOsCujWnOadv00OYm15uVsCvdgQL6MsTOCK8gn49c0AIuWITUc9GRmCq/VqBOIH9+w7JGe8+ArGEEn9n8v1Bl0ujplB8s9K6lAW37V3owj1QEuCX3jAQ+nA7MHihm1ob8FIZJanHQsIXcxilZDCh0rtkDu82lEr7tNRmUSvR2OW4eGlXSTznQ0/LvNyWg7iVoBizXkoiFOsPg64XPE1pDcc02ErZ30BqqYl3JZU0jFoXurlgZSnN8QGbtQ5U/MQzOaWlbVeCjnwOzqDrUGRfSxYxlboa44kqfOBdGDixNivgGF+ty5gB/BBbJrGBC5xS+r76jaJQFldeo6J9qCgNDw46ZppRCmXkgBKhzfikrIppiOEInWrBj5dW7Hyyz4G1Iq9bADfohNq2Ve4xFq310xo165Mi0SObltxlNSjsrFPhAcVzDxQvcAIcdnlMooGrxWGamqRje+NveFW02DQUTwbKRY2lnIKoVR0EXDUc73XVvhieP8m6Zdxf/o9v9s0dRlaJ8Yugid95Mc2fLwtMDR0j6J6+BlEalwyyswwALxeLrShj+23Mu6wlPGJrTfoToC3XUStyEOn9Ft7WUCuVW/er3jed1DHoqXU2ryXezMWlMo4Ry+HKmRkYkT+peHVpmogv2wE+3Q9y+C0+YQ/Rnlg7KEvs71gSM4J25GiRrl5U4EOcZXBg1pWy4CFtY3Vv4cs6g8OsZ7qEWuwFmzaNwA3iE9X4zQIupm/iR16QQ3UwCKtx0lyxOtbMr8Y1KHFF+rq5HtU3OoJMGjsp972BkgJU/4jM26Ws22JL2iU/rQxH8+VcjI/IV5zQE9RVIOGcAoh6mch
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\shop_til_drop_helper_service.job - C:\Program Files (x86)\Shop til Drop\shop_til_drop_helper_service.exe /installationtime=1433277543 /AppName="Shop til Drop"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
LuckyTab Class - C:\Program Files (x86)\XTab\SupTab.dll [2015-05-18 538240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-05-31 52352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-22 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-22 398616]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-02-19 2661672]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-05-26 361984]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [2012-05-31 1023616]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart []
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2015-04-10 455392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AthBtTray]
C:\Program Files (x86)\Bluetooth Suite\athbttray.exe [2012-05-31 801920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
D:\sandbox\SbieCtrl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-04-17 31280256]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-26 291608]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-22 430080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.inf - open -
.inf - install -
.ini - open -
.js - edit -
.js - open -
.scr - open -
.scr - install -
.scr - config -
.txt - open -
.vbs - edit -
.vbs - open -

======List of files/folders created in the last 1 month======

2015-06-03 09:43:52 ----D---- C:\rsit
2015-06-02 22:39:02 ----D---- C:\Program Files (x86)\Shop til Drop
2015-06-02 22:35:17 ----D---- C:\Program Files (x86)\VideoLAN
2015-06-02 22:34:17 ----D---- C:\Program Files (x86)\69dc8177-a574-4dff-8461-b3267b078dcf
2015-06-02 22:34:15 ----A---- C:\Users\Vladimír\AppData\Roaming\BYAIAMUF.exe
2015-06-02 22:33:53 ----D---- C:\Program Files (x86)\globalUpdate
2015-06-02 22:33:44 ----D---- C:\Program Files (x86)\CinemaP-1.9cV16.03
2015-06-02 22:33:33 ----D---- C:\ProgramData\IHProtectUpDate
2015-06-02 22:33:32 ----D---- C:\ProgramData\WindowsMangerProtect
2015-06-02 22:33:30 ----D---- C:\Program Files (x86)\XTab
2015-06-02 22:32:58 ----D---- C:\ProgramData\MailUpdate
2015-05-29 16:12:02 ----D---- C:\ProgramData\CODEX
2015-05-28 18:06:07 ----D---- C:\Users\Vladimír\AppData\Roaming\The Wolf Among Us
2015-05-13 23:41:21 ----D---- C:\Windows\PCHEALTH
2015-05-13 23:37:02 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 23:37:02 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 14:47:34 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-05-13 14:47:34 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-05-13 14:47:34 ----A---- C:\Windows\system32\schannel.dll
2015-05-13 14:47:34 ----A---- C:\Windows\system32\certcli.dll
2015-05-13 14:47:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-05-13 14:47:27 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-05-13 14:47:27 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-05-13 14:47:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-05-13 14:47:27 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-05-13 14:47:26 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-05-13 14:47:26 ----A---- C:\Windows\system32\iernonce.dll
2015-05-13 14:47:26 ----A---- C:\Windows\system32\ie4uinit.exe
2015-05-13 14:47:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-05-13 14:47:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-05-13 14:47:25 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-05-13 14:47:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-05-13 14:47:25 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-05-13 14:47:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-05-13 14:47:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-05-13 14:47:25 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 14:47:23 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-05-13 14:47:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-05-13 14:47:23 ----A---- C:\Windows\system32\iedkcs32.dll
2015-05-13 14:47:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-05-13 14:47:22 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-05-13 14:47:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-05-13 14:47:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-05-13 14:47:22 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-05-13 14:47:22 ----A---- C:\Windows\system32\urlmon.dll
2015-05-13 14:47:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 14:47:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-05-13 14:47:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-05-13 14:47:21 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-05-13 14:47:21 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 14:47:21 ----A---- C:\Windows\system32\msfeeds.dll
2015-05-13 14:47:21 ----A---- C:\Windows\system32\dxtrans.dll
2015-05-13 14:47:20 ----A---- C:\Windows\system32\iesetup.dll
2015-05-13 14:47:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-05-13 14:47:19 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-05-13 14:47:19 ----A---- C:\Windows\system32\vbscript.dll
2015-05-13 14:47:19 ----A---- C:\Windows\system32\iertutil.dll
2015-05-13 14:47:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-05-13 14:47:18 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-05-13 14:47:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-05-13 14:47:18 ----A---- C:\Windows\system32\jsproxy.dll
2015-05-13 14:47:18 ----A---- C:\Windows\system32\ieUnatt.exe
2015-05-13 14:47:16 ----A---- C:\Windows\system32\ieui.dll
2015-05-13 14:47:16 ----A---- C:\Windows\system32\ieframe.dll
2015-05-13 14:47:16 ----A---- C:\Windows\system32\dxtmsft.dll
2015-05-13 14:47:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-05-13 14:47:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-05-13 14:47:15 ----A---- C:\Windows\system32\jscript.dll
2015-05-13 14:47:14 ----A---- C:\Windows\system32\wininet.dll
2015-05-13 14:47:14 ----A---- C:\Windows\system32\jscript9diag.dll
2015-05-13 14:47:14 ----A---- C:\Windows\system32\jscript9.dll
2015-05-13 14:47:13 ----A---- C:\Windows\system32\msrating.dll
2015-05-13 14:47:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-05-13 14:47:12 ----A---- C:\Windows\system32\mshtml.dll
2015-05-13 14:47:10 ----A---- C:\Windows\system32\services.exe
2015-05-13 14:47:00 ----A---- C:\Windows\system32\UtcResources.dll
2015-05-13 14:47:00 ----A---- C:\Windows\system32\diagtrack.dll
2015-05-13 14:46:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-05-13 14:46:58 ----A---- C:\Windows\system32\ntdll.dll
2015-05-13 14:46:57 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-05-13 14:46:57 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-05-13 14:46:57 ----A---- C:\Windows\system32\tdh.dll
2015-05-13 14:46:56 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-05-13 14:46:56 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-05-13 14:46:56 ----A---- C:\Windows\system32\kernel32.dll
2015-05-13 14:46:56 ----A---- C:\Windows\system32\advapi32.dll
2015-05-13 14:46:55 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-05-13 14:46:55 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-05-13 14:46:55 ----A---- C:\Windows\system32\wow64.dll
2015-05-13 14:46:55 ----A---- C:\Windows\system32\msv1_0.dll
2015-05-13 14:46:55 ----A---- C:\Windows\system32\lsasrv.dll
2015-05-13 14:46:54 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-05-13 14:46:54 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-05-13 14:46:54 ----A---- C:\Windows\system32\winsrv.dll
2015-05-13 14:46:54 ----A---- C:\Windows\system32\tracerpt.exe
2015-05-13 14:46:54 ----A---- C:\Windows\system32\srcore.dll
2015-05-13 14:46:54 ----A---- C:\Windows\system32\sechost.dll
2015-05-13 14:46:54 ----A---- C:\Windows\system32\logman.exe
2015-05-13 14:46:54 ----A---- C:\Windows\system32\KernelBase.dll
2015-05-13 14:46:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-05-13 14:46:54 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-05-13 14:46:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-05-13 14:46:53 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-05-13 14:46:53 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-05-13 14:46:53 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-05-13 14:46:53 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-05-13 14:46:53 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-05-13 14:46:53 ----A---- C:\Windows\system32\wdigest.dll
2015-05-13 14:46:53 ----A---- C:\Windows\system32\typeperf.exe
2015-05-13 14:46:53 ----A---- C:\Windows\system32\smss.exe
2015-05-13 14:46:53 ----A---- C:\Windows\system32\rstrui.exe
2015-05-13 14:46:53 ----A---- C:\Windows\system32\kerberos.dll
2015-05-13 14:46:53 ----A---- C:\Windows\system32\conhost.exe
2015-05-13 14:46:52 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-05-13 14:46:52 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-05-13 14:46:52 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-05-13 14:46:52 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-05-13 14:46:52 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-05-13 14:46:52 ----A---- C:\Windows\system32\TSpkg.dll
2015-05-13 14:46:52 ----A---- C:\Windows\system32\sspicli.dll
2015-05-13 14:46:52 ----A---- C:\Windows\system32\relog.exe
2015-05-13 14:46:52 ----A---- C:\Windows\system32\ncrypt.dll
2015-05-13 14:46:52 ----A---- C:\Windows\system32\lsass.exe
2015-05-13 14:46:52 ----A---- C:\Windows\system32\csrsrv.dll
2015-05-13 14:46:52 ----A---- C:\Windows\system32\auditpol.exe
2015-05-13 14:46:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-05-13 14:46:51 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-05-13 14:46:51 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-05-13 14:46:51 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-05-13 14:46:51 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-05-13 14:46:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-05-13 14:46:51 ----A---- C:\Windows\system32\wow64win.dll
2015-05-13 14:46:51 ----A---- C:\Windows\system32\wow64cpu.dll
2015-05-13 14:46:51 ----A---- C:\Windows\system32\sspisrv.dll
2015-05-13 14:46:51 ----A---- C:\Windows\system32\srclient.dll
2015-05-13 14:46:51 ----A---- C:\Windows\system32\secur32.dll
2015-05-13 14:46:51 ----A---- C:\Windows\system32\ntvdm64.dll
2015-05-13 14:46:51 ----A---- C:\Windows\system32\diskperf.exe
2015-05-13 14:46:51 ----A---- C:\Windows\system32\credssp.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 14:46:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 14:46:50 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 14:46:49 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 14:46:49 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-05-13 14:46:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 14:46:48 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 14:46:48 ----A---- C:\Windows\SYSWOW64\user.exe
2015-05-13 14:46:48 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-05-13 14:46:48 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-05-13 14:46:48 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-05-13 14:46:48 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-05-13 14:46:48 ----A---- C:\Windows\system32\msobjs.dll
2015-05-13 14:46:48 ----A---- C:\Windows\system32\msaudite.dll
2015-05-13 14:46:48 ----A---- C:\Windows\system32\apisetschema.dll
2015-05-13 14:46:48 ----A---- C:\Windows\system32\adtschema.dll
2015-05-13 14:46:34 ----A---- C:\Windows\system32\win32k.sys
2015-05-13 14:46:34 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 14:46:34 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 14:46:33 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-05-13 14:46:29 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-05-13 14:46:29 ----A---- C:\Windows\system32\InkEd.dll
2015-05-13 14:46:27 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-05-13 14:46:27 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-13 14:46:23 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-05-13 14:46:22 ----A---- C:\Windows\system32\poqexec.exe
2015-05-13 14:46:18 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-05-13 14:46:17 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-05-13 14:46:17 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-05-13 14:46:17 ----A---- C:\Windows\system32\shimeng.dll
2015-05-13 14:46:17 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-13 14:46:17 ----A---- C:\Windows\system32\apphelp.dll
2015-05-13 14:46:17 ----A---- C:\Windows\system32\aelupsvc.dll
2015-05-05 16:26:15 ----A---- C:\Users\Vladimír\AppData\Roaming\update.dat

======List of files/folders modified in the last 1 month======

2015-06-03 09:43:55 ----D---- C:\Program Files\trend micro
2015-06-03 09:43:44 ----D---- C:\Windows\Temp
2015-06-03 09:42:59 ----A---- C:\Windows\SYSWOW64\log.txt
2015-06-03 09:41:01 ----D---- C:\Windows\system32\config
2015-06-03 09:40:36 ----D---- C:\ProgramData\NVIDIA
2015-06-02 22:39:05 ----D---- C:\Windows\Tasks
2015-06-02 22:39:05 ----D---- C:\Windows\system32\Tasks
2015-06-02 22:39:02 ----RD---- C:\Program Files (x86)
2015-06-02 22:37:32 ----D---- C:\Users\Vladimír\AppData\Roaming\vlc
2015-06-02 22:36:26 ----D---- C:\Users\Vladimír\AppData\Roaming\Skype
2015-06-02 22:34:29 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-06-02 22:34:00 ----SHD---- C:\Windows\Installer
2015-06-02 22:33:33 ----HD---- C:\ProgramData
2015-06-02 20:32:03 ----D---- C:\Users\Vladimír\AppData\Roaming\uTorrent
2015-06-01 10:27:55 ----SHD---- C:\System Volume Information
2015-05-31 20:23:12 ----D---- C:\Windows\System32
2015-05-31 20:23:12 ----D---- C:\Windows\inf
2015-05-31 20:23:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-31 13:29:46 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-05-31 13:29:46 ----SD---- C:\Users\Vladimír\AppData\Roaming\Microsoft
2015-05-28 18:17:03 ----D---- C:\AdwCleaner
2015-05-27 16:38:13 ----D---- C:\Users\Vladimír\AppData\Roaming\The Creative Assembly
2015-05-26 11:45:13 ----D---- C:\Windows\winsxs
2015-05-26 11:10:31 ----D---- C:\Windows
2015-05-26 11:10:31 ----A---- C:\Windows\Sandboxie.ini
2015-05-21 09:32:00 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-21 09:31:59 ----SD---- C:\Windows\system32\GWX
2015-05-14 20:37:20 ----D---- C:\Windows\Microsoft.NET
2015-05-14 20:35:59 ----RSD---- C:\Windows\assembly
2015-05-14 11:55:35 ----D---- C:\Windows\SysWOW64
2015-05-14 11:51:53 ----D---- C:\Windows\SYSWOW64\en-US
2015-05-14 11:51:53 ----D---- C:\Windows\system32\en-US
2015-05-14 11:51:52 ----D---- C:\Program Files\Internet Explorer
2015-05-14 11:51:47 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-14 11:51:37 ----D---- C:\Windows\AppPatch
2015-05-14 11:51:36 ----D---- C:\Windows\system32\drivers
2015-05-14 11:51:34 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-14 11:51:23 ----D---- C:\Windows\system32\DriverStore
2015-05-14 11:51:23 ----D---- C:\Windows\system32\drivers\UMDF
2015-05-13 23:54:17 ----D---- C:\Windows\system32\catroot
2015-05-13 23:49:57 ----D---- C:\Program Files\Microsoft Security Client
2015-05-13 23:49:56 ----D---- C:\Program Files (x86)\Microsoft Security Client
2015-05-13 23:48:55 ----D---- C:\ProgramData\Microsoft Help
2015-05-13 23:48:29 ----D---- C:\Windows\system32\MRT
2015-05-13 23:41:38 ----A---- C:\Windows\system32\MRT.exe
2015-05-13 23:35:40 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-13 23:35:40 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 14:45:16 ----D---- C:\Windows\system32\catroot2
2015-05-06 20:54:36 ----D---- C:\ProgramData\Skype
2015-05-06 20:54:17 ----RD---- C:\Program Files (x86)\Skype
2015-05-05 16:25:20 ----D---- C:\ProgramData\Package Cache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-12-23 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-03-26 19224]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-04-08 30496]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\D:\ultraiso\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-02-09 42696]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2012-02-29 17152]
R3 AsusVBus;AsusVBus; C:\Windows\system32\DRIVERS\AsusVBus.sys [2012-04-12 35968]
R3 AsusVTouch;AsusVTouch; C:\Windows\system32\DRIVERS\AsusVTouch.sys [2012-04-12 16512]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-05-31 36480]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-01-11 2801664]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-05-31 341120]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-05-31 111232]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2012-05-31 30848]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2012-05-31 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-05-31 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2012-05-31 281472]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-05-31 551040]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2012-02-24 80384]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-02-19 200488]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-22 14692224]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-02-20 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-03-26 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-03-26 789272]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-12-23 104048]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-03-23 2193008]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-01-05 489552]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-12-24 310984]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-09-04 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-09-04 27760]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-04-13 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-05-31 119424]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IHProtect Service;IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [2015-05-18 157824]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-29 277784]
R2 mailUpdate;mail update Service; C:\ProgramData\MailUpdate\mailUpdate.exe [2015-05-28 820224]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-14 884512]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-13 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-03-23 27760]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2015-06-02 695976]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-06-02 68608]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-06 107912]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-04-08 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-22 276248]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-06-02 68608]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-06 107912]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 114688]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-05-15 837824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-11 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

# AdwCleaner v4.206 - Log vytvorený 03/06/2015 at 10:05:49
# Aktualizované 01/06/2015 by Xplode
# Databáza : 2015-06-01.1 [Server]
# Operačný systém : Windows 7 Home Premium Service Pack 1 (x64)
# Uživateľské meno : Vladimír - VLADIMIR-PC
# Spustené z : C:\Users\Vladimír\Desktop\adwcleaner_4.206.exe
# Nastavenia : Čistenie

***** [ Služby ] *****

[#] Služba Zmazané : globalUpdate
[#] Služba Zmazané : globalUpdatem
[#] Služba Zmazané : IHProtect Service
[#] Služba Zmazané : WindowsMangerProtect

***** [ Súbory / Priečinky ] *****

Priečinok Zmazané : C:\ProgramData\WindowsMangerProtect
Priečinok Zmazané : C:\ProgramData\MailUpdate
Priečinok Zmazané : C:\ProgramData\IHProtectUpDate
Priečinok Zmazané : C:\Program Files (x86)\globalUpdate
Priečinok Zmazané : C:\Program Files (x86)\XTab
Priečinok Zmazané : C:\Program Files (x86)\CinemaP-1.9cV16.03
Priečinok Zmazané : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\MailUpdate
Priečinok Zmazané : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\oursurfing
Priečinok Zmazané : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\globalUpdate
[!] Priečinok Zmazané : C:\Users\Vladimír\Desktop\hosts
Priečinok Zmazané : C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb
Súbor Zmazané : C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage
Súbor Zmazané : C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage-journal
Súbor Zmazané : C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0
Súbor Zmazané : C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acklnhgjphbhhomkneonohbjnbmkclfb
Súbor Zmazané : C:\Users\Vladimír\AppData\Roaming\BYAIAMUF
Súbor Zmazané : C:\Users\Vladimír\AppData\Roaming\BYAIAMUF.exe

***** [ Naplánované úlohy ] *****

Úloha Zmazané : globalUpdateUpdateTaskMachineCore
Úloha Zmazané : globalUpdateUpdateTaskMachineUA
Úloha Zmazané : BYAIAMUF
Úloha Zmazané : e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6
Úloha Zmazané : e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7
Úloha Zmazané : e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user
Úloha Zmazané : e653cf25-f107-4cbe-b8d1-5dadaea354f2-3
Úloha Zmazané : e653cf25-f107-4cbe-b8d1-5dadaea354f2-5
Úloha Zmazané : e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user
Úloha Zmazané : e653cf25-f107-4cbe-b8d1-5dadaea354f2-6
Úloha Zmazané : e653cf25-f107-4cbe-b8d1-5dadaea354f2-7

***** [ Zástupcovia ] *****

Zástupca Dezinfikované : C:\Users\Public\Desktop\Google Chrome.lnk
Zástupca Dezinfikované : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk

***** [ Registre ] *****

Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Kľúč registra Zmazané : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Kľúč registra Zmazané : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\156eacdc-6be3-484e-958c-b1950c01381c
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Dáta Obnovené : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dáta Obnovené : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Kľúč registra Zmazané : HKCU\Software\GlobalUpdate
Kľúč registra Zmazané : HKLM\SOFTWARE\AskPartnerNetwork
Kľúč registra Zmazané : HKLM\SOFTWARE\Conduit
Kľúč registra Zmazané : HKLM\SOFTWARE\GlobalUpdate
Kľúč registra Zmazané : HKLM\SOFTWARE\Iminent
Kľúč registra Zmazané : HKLM\SOFTWARE\InstalledBrowserExtensions
Kľúč registra Zmazané : HKLM\SOFTWARE\SearchProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\SupDp
Kľúč registra Zmazané : HKLM\SOFTWARE\SupTab
Kľúč registra Zmazané : HKLM\SOFTWARE\supWindowsMangerProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\IHProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\WajIntEnhance
Kľúč registra Zmazané : HKLM\SOFTWARE\SpeedBit
Kľúč registra Zmazané : HKLM\SOFTWARE\AIM Toolbar
Kľúč registra Zmazané : HKLM\SOFTWARE\oursurfingSoftware
Kľúč registra Zmazané : HKLM\SOFTWARE\CinemaP-1.9cV16.03
Kľúč registra Zmazané : HKLM\SOFTWARE\CinemaP-1.9cV16.03-nv
Kľúč registra Zmazané : HKU\.DEFAULT\Software\APN PIP
Kľúč registra Zmazané : HKU\.DEFAULT\Software\HomeTab
Kľúč registra Zmazané : HKU\.DEFAULT\Software\simplytech
Kľúč registra Zmazané : HKU\.DEFAULT\Software\TNT2
Kľúč registra Zmazané : HKU\.DEFAULT\Software\WajIntEnhance
Kľúč registra Zmazané : HKU\.DEFAULT\Software\SearchProtectWS
Kľúč registra Zmazané : HKU\.DEFAULT\Software\Linkey
Kľúč registra Zmazané : HKU\.DEFAULT\Software\CinemaP-1.9cV16.03-nv
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing uninstall
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV16.03
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Webové prehliadače ] *****

-\\ Internet Explorer v11.0.9600.17801

Nastavenie Obnovené : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavenie Obnovené : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v43.0.2357.81

[C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Zmazané [Homepage] : hxxp://www2.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=AE03DC85DE236353
[C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Zmazané [Startup_URLs] : 843FCCCAFD1188C5632FA22AF03E963895DDAE62E64B0EF0B9C657473632C182"},"software_reporter":{"prompt_reason":"328B8392FEDD1431DF31D803519D86EDDEEAB931E3AE9CE909C334F98B90B03B","prompt_seed":"1E899D346E8E98DFB2B283F3CC7D5ED09D7415803E0A4EB48608B9D0FB67F30F","prompt_version":"DEB701961D23050792618856600A95E320D9381877CB89F4F6ED49CD08F6B356"},"sync":{"remaining_rollback_tries":"629B454FAF9F0E74E4420C93C75CC320F8C48694143F867C497268501E03742F"}},"super_mac":"644DE7C0CE5508F764C2634E527D0F77146033499E71F03B3F578D40AB596EB7"},"session":{"restore_on_startup":5,"startup_urls":["hxxp://www2.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=AE03DC85DE236353

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [1299 bajtov] - [26/03/2015 22:05:05]
AdwCleaner[R1].txt - [4041 bajtov] - [28/05/2015 18:15:14]
AdwCleaner[R2].txt - [16134 bajtov] - [03/06/2015 10:04:34]
AdwCleaner[S0].txt - [1301 bajtov] - [26/03/2015 22:06:44]
AdwCleaner[S1].txt - [4106 bajtov] - [28/05/2015 18:16:55]
AdwCleaner[S2].txt - [13575 bajtov] - [03/06/2015 10:05:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [13636 bajtov] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

skúšal som spustiť ten zoek ale vypisuje my tabuľku že

"K tomuto súboru nie je priradený program na vykonanie tejto akcie. Nainštalujte príslušný program. Ak je tento program nainštalovaní, vytvorte priradenie v ovládacom paneli Predvolené programy."

Mate stazeny tento zoek http://download.bleepingcomputer.com/smeenk/zoek.exe ?? Je to bezny exe soubor a uz jsme jich nekolik spousteli (RSIT, AdwCleaner)

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Vladimˇr on st 03. 06. 2015 at 11:02:33,59.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\VLADIM~1\Desktop\zoek (1).exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-06-03-084156.log 1279 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\Alwil Software deleted successfully
C:\PROGRA~3\Deadtime Stories deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\UpdatusUser\AppData\\LocalLow deleted successfully
C:\Users\VLADIM~1\AppData\\LocalGoogle deleted successfully
C:\Users\VLADIM~1\AppData\Local\CRE deleted successfully
C:\Users\VLADIM~1\AppData\Local\GHISLER deleted successfully
C:\Users\VLADIM~1\AppData\Local\Unity deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2129452905-3581879027-2807029658-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} deleted successfully
HKEY_USERS\S-1-5-21-2129452905-3581879027-2807029658-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies deleted
C:\PROGRA~2\Total PDF Converter deleted
C:\Users\VLADIM~1\.android deleted
C:\PROGRA~2\ProtectDisc Driver Installer deleted
C:\PROGRA~2\69dc8177-a574-4dff-8461-b3267b078dcf deleted
C:\Support deleted
C:\PROGRA~3\ICQ deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\VLADIM~1\AppData\Local\cache deleted
C:\Users\VLADIM~1\AppData\LocalLow\{897B26E4-8FF8-74C1-B271-9460C5D8A79C} deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
"C:\Users\VLADIM~1\AppData\Local\LumaEmu" deleted
"C:\PROGRA~2\Shop til Drop\shop_til_drop_helper_service.exe" deleted
"C:\PROGRA~2\Shop til Drop" not deleted

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.81


HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\VLADIM~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[]

AdBlock - VLADIM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Bookmark Manager - VLADIM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Флаг России - VLADIM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpcdepnceibhgcfmkehlleemiejahmbp

==== Chromium Startpages ======================

C:\Users\VLADIM~1\AppData\Local\Chromium\User Data\Default\Preferences
"homepage": "http://www.google.com/",

C:\Users\VLADIM~1\AppData\Local\Google\Chrome\User Data\Default\Preferences
ConnectExternal"],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["identity","webview"],"explicit_host":["https://wallet-web.sandbox.google.com/* ... eapis.com/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13077792538413124","lastpingday":"13077788400265632","location":10,"manifest":{"app":{"background":{"scripts":["craw_background.js"]}},"current_locale":"sk","default_locale":"en","description":"Peňaženka Google pre digitálne produkty","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"128":"images/icon_128.png","16":"images/icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB","manifest_version":2,"minimum_chrome_version":"29","name":"Peňaženka Google","oauth2":{"auto_approve":true,"client_id":"203784468217.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/sierra" ... e.readonly"]},"permissions":["identity","webview","https://wallet.google.com/","https://wa ... eapis.com/*"],"update_url":"https://clients2.google.com/service/upd ... 5A22B39DD6"}}


==== Chromium Fix ======================

C:\Users\VLADIM~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully
C:\Users\VLADIM~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{691454BC-7C0B-45D9-AC54-A8F93091D709} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"
{7FCD810F-046E-444B-B6AA-F19D3D2199BB} Wikipedia (en) Url="http://en.wikipedia.org/w/index.php?tit ... earchTerms}"

==== Reset Google Chrome ======================

C:\Users\VLADIM~1\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\VLADIM~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\VLADIM~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\VLADIM~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully
C:\Users\VLADIM~1\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\VLADIM~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\VLADIM~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\VLADIM~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\VLADIM~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\VLADIM~1\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
C:\Users\VLADIM~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================


==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\hedev\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\VLADIM~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\VLADIM~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\Shop til Drop" not found

==== EOF on st 03. 06. 2015 at 11:30:21,59 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Vladimír (administrator) on VLADIMIR-PC on 03-06-2015 11:47:06
Running from C:\Users\Vladimír\Desktop
Loaded Profiles: Vladimír (Available Profiles: UpdatusUser & Vladimír)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-05-26] (Alcor Micro Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\btvstack.exe [1023616 2012-05-31] (Atheros Communications)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2129452905-3581879027-2807029658-1001\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-2129452905-3581879027-2807029658-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
HKU\S-1-5-21-2129452905-3581879027-2807029658-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2012-12-11] ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.oursurfing.com/web/?utm_sour ... earchTerms}
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.oursurfing.com/web/?utm_sour ... earchTerms}
SearchScopes: HKU\.DEFAULT -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.oursurfing.com/web/?utm_sour ... earchTerms}
SearchScopes: HKU\.DEFAULT -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?utm_sour ... earchTerms}
SearchScopes: HKU\.DEFAULT -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.oursurfing.com/web/?utm_sour ... earchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2129452905-3581879027-2807029658-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2129452905-3581879027-2807029658-1001 -> {7FCD810F-046E-444B-B6AA-F19D3D2199BB} URL = http://en.wikipedia.org/w/index.php?tit ... earchTerms}
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-05-31] (Atheros Commnucations)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-10-19] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-03-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-03-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2129452905-3581879027-2807029658-1001: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Vladimír\AppData\LocalLow\Sony Online Entertainment\npsoe.dll [2012-03-19] ()
FF HKU\S-1-5-21-2129452905-3581879027-2807029658-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Vladimír\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR Profile: C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-03]
CHR Extension: (Google Docs) - C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-03]
CHR Extension: (Google Drive) - C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-03]
CHR Extension: (YouTube) - C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-03]
CHR Extension: (Google Search) - C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-03]
CHR Extension: (Google Sheets) - C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-03]
CHR Extension: (No Name) - C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-03]
CHR Extension: (Bookmark Manager) - C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-28]
CHR Extension: (Google Wallet) - C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-16]
CHR Extension: (Gmail) - C:\Users\Vladimír\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [119424 2012-05-31] (Atheros Commnucations) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-01-13] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-03-23] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-05-31] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2012-04-12] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2012-04-12] (Windows (R) Win 7 DDK provider)
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [489552 2011-01-05] (AVAST Software)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-12-24] ()
R1 ISODrive; D:\ultraiso\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-02-09] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 11:47 - 2015-06-03 11:48 - 00015376 _____ () C:\Users\Vladimír\Desktop\FRST.txt
2015-06-03 11:46 - 2015-06-03 11:47 - 00000000 ____D () C:\FRST
2015-06-03 11:45 - 2015-06-03 11:45 - 02108928 _____ (Farbar) C:\Users\Vladimír\Downloads\FRST64.exe
2015-06-03 11:45 - 2015-06-03 11:45 - 02108928 _____ (Farbar) C:\Users\Vladimír\Desktop\FRST64.exe
2015-06-03 11:30 - 2015-06-03 11:30 - 00000000 ___RD () C:\Users\Vladimír\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-06-03 11:28 - 2015-06-03 11:02 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-06-03 11:03 - 2015-06-03 10:41 - 00001279 _____ () C:\zoek-results2015-06-03-084156.log
2015-06-03 11:02 - 2015-06-03 11:02 - 00002954 _____ () C:\Windows\System32\Tasks\{C370BADD-3CBB-4247-95C5-80F4F64B9DD2}
2015-06-03 11:01 - 2015-06-03 11:01 - 01308672 _____ () C:\Users\Vladimír\Desktop\zoek (1).exe
2015-06-03 10:39 - 2015-06-03 11:30 - 00016093 _____ () C:\zoek-results.log
2015-06-03 10:39 - 2015-06-03 11:22 - 00000000 ____D () C:\zoek_backup
2015-06-03 10:39 - 2015-06-03 10:39 - 61462618 _____ () C:\Windows\repository.backup
2015-06-03 10:39 - 2015-06-03 10:39 - 01308672 _____ () C:\Users\Vladimír\Desktop\zoek.exe
2015-06-03 10:03 - 2015-06-03 10:03 - 02231296 _____ () C:\Users\Vladimír\Desktop\adwcleaner_4.206.exe
2015-06-03 09:43 - 2015-06-03 09:44 - 00000000 ____D () C:\rsit
2015-06-03 09:43 - 2015-06-03 09:43 - 01222144 _____ () C:\Users\Vladimír\Desktop\RSITx64.exe
2015-06-02 22:39 - 2015-06-03 11:29 - 00000526 _____ () C:\Windows\Tasks\shop_til_drop_helper_service.job
2015-06-02 22:39 - 2015-06-02 22:39 - 00003494 _____ () C:\Windows\System32\Tasks\shop_til_drop_helper_service
2015-06-02 22:35 - 2015-06-02 22:35 - 00001000 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-06-02 22:35 - 2015-06-02 22:35 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-06-01 18:37 - 2015-06-01 18:37 - 00000000 ____D () C:\Users\Vladimír\AppData\Local\GWX
2015-05-29 16:12 - 2015-05-29 16:12 - 00000000 ____D () C:\ProgramData\CODEX
2015-05-29 13:32 - 2015-05-29 13:32 - 00003390 _____ () C:\Windows\System32\Tasks\GetNetworkInfo
2015-05-28 18:06 - 2015-05-28 18:06 - 00000854 _____ () C:\Users\Vladimír\Desktop\The Wolf Among Us.lnk
2015-05-28 18:06 - 2015-05-28 18:06 - 00000000 ____D () C:\Users\Vladimír\AppData\Roaming\The Wolf Among Us
2015-05-28 18:06 - 2015-05-28 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-05-26 11:39 - 2015-05-26 11:39 - 00000202 _____ () C:\Users\Vladimír\Desktop\Game of Thrones - A Telltale Games Series.url
2015-05-13 23:41 - 2015-05-13 23:41 - 00000000 ____D () C:\Windows\PCHEALTH
2015-05-13 23:37 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 23:37 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 14:47 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 14:47 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 14:47 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 14:47 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 14:47 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 14:47 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 14:47 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 14:47 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 14:47 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 14:47 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 14:47 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 14:47 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 14:47 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 14:47 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 14:47 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 14:47 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 14:47 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 14:47 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 14:47 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 14:47 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 14:47 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 14:47 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 14:47 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 14:47 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 14:47 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 14:47 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 14:47 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 14:47 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 14:47 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 14:47 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 14:47 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 14:47 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 14:47 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 14:47 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 14:47 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 14:47 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 14:47 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 14:47 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 14:47 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 14:47 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 14:47 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 14:47 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 14:47 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 14:47 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 14:47 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 14:47 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 14:47 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 14:47 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 14:47 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 14:47 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 14:47 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 14:47 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 14:47 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 14:47 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 14:47 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 14:47 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 14:47 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 14:47 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 14:47 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 14:47 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 14:47 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 14:47 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 14:47 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 14:47 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 14:47 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 14:47 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 14:47 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 14:46 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 14:46 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 14:46 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 14:46 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 14:46 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 14:46 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 14:46 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 14:46 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 14:46 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 14:46 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 14:46 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 14:46 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 14:46 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 14:46 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 14:46 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 14:46 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 14:46 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 14:46 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 14:46 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 14:46 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 14:46 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 14:46 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 14:46 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 14:46 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 14:46 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 14:46 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 14:46 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 14:46 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 14:46 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 14:46 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 14:46 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 14:46 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 14:46 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 14:46 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 14:46 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 14:46 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 14:46 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 14:46 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 14:46 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 14:46 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 14:46 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 14:46 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 14:46 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 14:46 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 14:46 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 14:46 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 14:46 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 14:46 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 14:46 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 14:46 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 14:46 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 14:46 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 14:46 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 14:46 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 14:46 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 14:46 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 14:46 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 14:46 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 14:46 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 14:46 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 14:46 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 14:46 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 14:46 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 14:46 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-06 20:54 - 2015-05-06 20:54 - 00000000 ____D () C:\Users\Vladimír\Tracing
2015-05-05 16:26 - 2015-05-06 15:45 - 00000001 _____ () C:\Users\Vladimír\AppData\Roaming\update.dat
2015-05-05 16:26 - 2015-05-05 16:26 - 00000000 ____D () C:\Users\Vladimír\Documents\Electronic Arts
2015-05-04 17:40 - 2015-05-04 17:40 - 00000000 ____D () C:\Users\Vladimír\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV - Full v1.11.0

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 11:38 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-03 11:38 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-03 11:34 - 2012-12-11 06:49 - 01777171 _____ () C:\Windows\WindowsUpdate.log
2015-06-03 11:34 - 2009-07-14 07:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-06-03 11:29 - 2014-12-03 08:24 - 00013204 _____ () C:\Windows\PFRO.log
2015-06-03 11:29 - 2014-11-01 12:32 - 00016259 _____ () C:\Windows\setupact.log
2015-06-03 11:29 - 2012-12-11 06:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-06-03 11:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-03 11:22 - 2012-12-10 22:32 - 00000000 ____D () C:\Users\Vladimír
2015-06-03 11:03 - 2012-12-11 13:25 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-03 10:05 - 2015-03-26 22:05 - 00000000 ____D () C:\AdwCleaner
2015-06-03 10:05 - 2014-10-16 14:23 - 00001308 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-03 10:05 - 2012-02-24 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-03 09:43 - 2015-03-26 16:34 - 00000000 ____D () C:\Program Files\trend micro
2015-06-02 22:37 - 2014-09-08 07:45 - 00000000 ____D () C:\Users\Vladimír\AppData\Roaming\vlc
2015-06-02 22:36 - 2014-09-08 07:38 - 00000000 ____D () C:\Users\Vladimír\AppData\Roaming\Skype
2015-06-02 22:35 - 2012-12-11 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-06-02 20:32 - 2014-09-12 14:36 - 00000000 ____D () C:\Users\Vladimír\AppData\Roaming\uTorrent
2015-06-02 11:42 - 2012-12-19 18:25 - 00000000 ____D () C:\Users\Vladimír\AppData\Local\CrashDumps
2015-05-29 16:11 - 2014-12-03 15:56 - 00000000 ____D () C:\Users\Vladimír\Documents\Telltale Games
2015-05-28 15:01 - 2013-01-07 18:13 - 00000000 ____D () C:\Users\Vladimír\AppData\Local\SKIDROW
2015-05-27 19:42 - 2013-03-24 12:48 - 00000000 ____D () C:\Users\Vladimír\Documents\Mlečenkov
2015-05-26 11:39 - 2015-04-07 18:07 - 00000000 ____D () C:\Users\Vladimír\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-26 11:10 - 2014-05-17 13:19 - 00002516 _____ () C:\Windows\Sandboxie.ini
2015-05-21 09:32 - 2015-04-05 09:23 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-21 09:31 - 2015-04-05 09:23 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-15 16:54 - 2012-02-24 13:40 - 00003932 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 16:54 - 2012-02-24 13:40 - 00003680 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 11:55 - 2014-11-01 12:32 - 05036600 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 11:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 23:50 - 2012-12-11 13:11 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-05-13 23:50 - 2012-12-11 12:34 - 00002123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-13 23:49 - 2012-12-11 12:34 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-05-13 23:49 - 2012-12-11 12:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-05-13 23:48 - 2013-08-16 23:34 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 23:48 - 2012-12-11 12:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-13 23:41 - 2012-12-11 15:49 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 23:36 - 2013-03-14 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 23:35 - 2013-03-14 17:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 23:35 - 2013-03-14 17:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 17:56 - 2013-09-28 10:40 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-06 20:54 - 2014-10-06 15:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-06 20:54 - 2012-12-11 21:14 - 00000000 ____D () C:\ProgramData\Skype
2015-05-05 16:17 - 2015-02-20 22:15 - 00039919 _____ () C:\Windows\DirectX.log

==================== Files in the root of some directories =======

2015-05-05 16:26 - 2015-05-06 15:45 - 0000001 _____ () C:\Users\Vladimír\AppData\Roaming\update.dat
2012-02-24 13:55 - 2010-10-06 19:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2012-12-11 07:24 - 2012-12-11 07:25 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-12-11 07:23 - 2012-12-11 07:24 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-12-11 07:23 - 2012-12-11 07:23 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-24 20:32

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Vladimír at 2015-06-03 11:49:01
Running from C:\Users\Vladimír\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2129452905-3581879027-2807029658-500 - Administrator - Disabled)
Guest (S-1-5-21-2129452905-3581879027-2807029658-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-2129452905-3581879027-2807029658-1000 - Limited - Enabled) => C:\Users\UpdatusUser
Vladimír (S-1-5-21-2129452905-3581879027-2807029658-1001 - Administrator - Enabled) => C:\Users\Vladimír

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2129452905-3581879027-2807029658-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
Aktualizácie NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.4.42.69356 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.4.42.69356 - Alcor Micro Corp.) Hidden
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.1 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0041 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS)
ASUS Virtual Touch (HKLM-x32\...\{938CFBD4-0652-49E5-BB8B-153948865941}) (Version: 1.0.11 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.140 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.11.12 - Atheros Communications Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.2.3442 - CDBurnerXP)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version: - The Creative Assembly)
ETDWare PS/2-X64 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.)
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version: - Telltale Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.3 - ASUS)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
myBitCast 1.0.0.3 (HKLM\...\myBitCast) (Version: 1.0.0.3 - ASUS Cloud Corporation)
NVIDIA Grafický ovládač 311.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.44 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 311.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.44 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Ovládací panel NVIDIA 311.44 (Version: 311.44 - NVIDIA Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SOE Web Installer (HKU\S-1-5-21-2129452905-3581879027-2807029658-1001\...\SOE Web Installer) (Version: 1.0.3.171 - Sony Online Entertainment)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.10.201308300830 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.259 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - )
The Wolf Among Us (HKLM-x32\...\The Wolf Among Us_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

17-05-2015 16:45:44 Windows Update
21-05-2015 09:31:05 Windows Update
24-05-2015 18:52:08 Windows Update
28-05-2015 10:29:29 Windows Update
31-05-2015 13:29:04 Removed Should I Remove It
01-06-2015 10:27:27 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-01-06 17:59 - 2015-06-03 11:03 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {123072E9-31BC-4BFC-ADCE-059949A120F0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-16] (ASUS)
Task: {1927922D-0DD9-49C2-8B4D-BFA8207B2190} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {253173FA-D550-48F1-A8D2-03FF0ADDAC2B} - System32\Tasks\{C370BADD-3CBB-4247-95C5-80F4F64B9DD2} => C:\Users\Vladimír\Desktop\zoek (1).exe [2015-06-03] ()
Task: {2FBFA6A4-6141-4DAA-8E52-A82DD83C69DA} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-17] (ASUSTek Computer Inc.)
Task: {4071BDBC-DBFA-4BA4-8211-386BE749F64D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {517774D0-8230-4B37-8550-D291D127062C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {60A370CF-1D97-45CE-B904-897BEF4F9ED7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {64B90034-B652-46F8-BA74-E10606AB3DFA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {74960CA7-B50D-4A3D-838C-C6E30438E0F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-06] (Google Inc.)
Task: {74BAB3AC-7C7A-4C02-9F63-AD3A5E095058} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-06] (Google Inc.)
Task: {967ADC8B-63AF-4678-A52B-B78BAD60B228} - System32\Tasks\shop_til_drop_helper_service => C:\Program Files (x86)\Shop til Drop\shop_til_drop_helper_service.exe
Task: {A5376F2B-8CBC-495A-9E3F-865A0AC30177} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {AB1BB4DA-8C37-484E-A7B7-592EBBB6D404} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {B5FEA886-33B3-4071-A7CE-B57F3004BA46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {BA2A8988-1408-4B0B-9F0A-27A564EB1D34} - System32\Tasks\RunGadgetController => C:\Program Files (x86)\ASUS\InstantOn for NB\GadgetController.exe [2012-02-04] (ASUS)
Task: {C92834A0-34C5-4146-B5EC-03D325CA9436} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
Task: {D1E303C6-8345-4BB0-B7E1-CF4C7CE33560} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {D24755BA-7FD3-42B8-A421-CAEDE4E22809} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2129452905-3581879027-2807029658-1001
Task: {D7855A0D-6FF7-478C-A40A-432A04A37631} - System32\Tasks\GetNetworkInfo => C:\Users\VLADIM~1\AppData\Local\Temp\setdebug.exe <==== ATTENTION
Task: {D9FE3A41-F236-4D55-83A7-A28ABC597F18} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-11] (Microsoft Corporation)
Task: {E5ECF645-3AC4-4825-A197-35011C27A339} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {EA04482C-E5AD-4E2E-9035-8E2678CAD5A7} - System32\Tasks\{C3B1B959-8E65-4B2B-ACE3-ADD171BCC84D} => pcalua.exe -a D:\Total.War.ShoGun.2.MOVIE.ADDON-KaOs\Install.exe -d D:\Total.War.ShoGun.2.MOVIE.ADDON-KaOs
Task: {EBFE4AB3-C504-46CA-A54A-CD6C9D27D221} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {F47A2FC9-59E4-42FD-A0F1-7FE325331A6A} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2012-04-12] (ASUSTeK Computer Inc.)
Task: {FD08E250-BB58-4FF8-ACA4-41BE2F425D21} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2012-04-12] (ASUSTeK Computer Inc.)
Task: {FE9FB14E-DBC9-4EC5-B494-201BE938577D} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\shop_til_drop_helper_service.job => C:\Program Files (x86)\Shop til Drop\shop_til_drop_helper_service.exe

==================== Loaded Modules (Whitelisted) ==============

2012-12-11 06:58 - 2013-03-14 08:28 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-11 07:01 - 2012-02-21 22:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2013-01-13 15:27 - 2013-01-13 15:27 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-12-11 07:01 - 2012-02-21 22:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2129452905-3581879027-2807029658-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vladimír\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.34.133.21 - 212.186.211.21

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\athbttray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{254005C1-33D9-4B6A-92E7-0983E6F91C61}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{95B49DC6-D9D1-4E2D-B083-8186ACC3694F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1E0D4FF5-04E5-42F4-9485-337254BE1239}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B01E1666-465C-47B3-B61F-227186CF8990}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{709F07CF-C693-4F7B-8D33-28965D7BE327}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{158ACCB9-861E-492F-8888-86705093DBD8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4E2E34F5-C83E-42DB-94E0-81F9C246B06D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{F27C8852-6310-4FC4-BF69-E6B495097B4E}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{88C21B79-62DB-43A9-9720-85E7D588342D}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{A3910FCE-91B2-4BC1-BB5B-1E0A5E3242DD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{AED9F85D-FBE3-43D3-8324-5F9864FE305C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{008F662F-D51B-4785-A0EC-7D7798C7B479}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{9E11C2CD-7F0F-446B-86A9-007F658E68BE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [TCP Query User{29F8A31D-84E7-4ACF-A99E-2426421F009C}D:\[r.g. mechanics] total war - rome ii\total war - rome ii\rome2.exe] => (Allow) D:\[r.g. mechanics] total war - rome ii\total war - rome ii\rome2.exe
FirewallRules: [UDP Query User{99D739C9-948C-473F-9D8D-6E8FAEF284C7}D:\[r.g. mechanics] total war - rome ii\total war - rome ii\rome2.exe] => (Allow) D:\[r.g. mechanics] total war - rome ii\total war - rome ii\rome2.exe
FirewallRules: [TCP Query User{EC752FD3-9113-4163-B158-FF26D6B86112}D:\godus\godus\godus.exe] => (Block) D:\godus\godus\godus.exe
FirewallRules: [UDP Query User{58193DB7-F3FA-4C22-A2DC-E29B33E3F140}D:\godus\godus\godus.exe] => (Block) D:\godus\godus\godus.exe
FirewallRules: [{67AC94DE-B3E0-4D75-B12A-F05476071356}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{E6F3374D-0C8B-45A1-94B5-B07E8D4241BD}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{F683E4D8-AD8D-4EF6-B7BB-85B9F29ACA98}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{0768B9A1-B5F6-4598-BD72-C417F185171E}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{006D7E21-A3F7-4A3E-AD04-8D5F08ACC5AD}] => (Allow) D:\siri\Isoplex\Isoplex.exe
FirewallRules: [{035A1014-CD45-4E20-A094-50AE69D1821A}] => (Allow) D:\siri\Isoplex\Isoplex.exe
FirewallRules: [TCP Query User{722BE03B-26FE-4A05-B10C-565DF1C54A4A}C:\users\vladimír\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\vladimír\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{F2431A77-C18F-44D9-B6A8-8B8D2FD7D8F5}C:\users\vladimír\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\vladimír\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{F4E2D0C5-B786-48F6-BA1F-2D0F8BEDB00E}] => (Allow) C:\Users\Vladimír\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AAAB8A87-23B7-4E8F-A1BC-6BDB77A4D373}] => (Allow) C:\Users\Vladimír\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{6B93E441-287A-41D6-ADD7-351A3E892BCF}C:\users\vladimír\appdata\roaming\utorrent\updates\3.4.2_39710.exe] => (Allow) C:\users\vladimír\appdata\roaming\utorrent\updates\3.4.2_39710.exe
FirewallRules: [UDP Query User{D46F0106-0BCD-481D-BE68-C60DE50EC726}C:\users\vladimír\appdata\roaming\utorrent\updates\3.4.2_39710.exe] => (Allow) C:\users\vladimír\appdata\roaming\utorrent\updates\3.4.2_39710.exe
FirewallRules: [{2E9C38A6-9021-46C7-8F6D-6261AEA18E0D}] => (Allow) D:\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{0A54EC32-F38A-4CA3-B555-21CFB0B3FFA5}] => (Allow) D:\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [TCP Query User{FE046440-1BD2-430D-BCEA-2D7B0D942C03}D:\[r.g. mechanics] borderlands - the pre-sequel\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\[r.g. mechanics] borderlands - the pre-sequel\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{7F71EE9A-59BB-4D3D-ACD9-D920953F8C1A}D:\[r.g. mechanics] borderlands - the pre-sequel\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\[r.g. mechanics] borderlands - the pre-sequel\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{CEE28043-72B5-4B8F-8BC7-FD08AEFE97B6}] => (Allow) D:\Steam\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{714A3A3A-18E0-4FF3-B96C-1CDF1E03981B}] => (Allow) D:\Steam\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{CDD3A214-B5AC-4BB6-BEDA-7E82FDD91846}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{CBD0DFB5-80AA-4EE6-BFCE-FC3DDC0BC184}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{ECD5D90B-F4F3-4624-8E95-A8AE3AA3CAEB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6FFC860E-8225-40D9-B717-1CBB27607149}] => (Allow) D:\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{CF0F6FD2-B722-4E3A-B388-841A7C7A5DDE}] => (Allow) D:\Steam\steamapps\common\Game of Thrones\Thrones.exe

==================== Faulty Device Manager Devices =============

Name: Periférne zariadenie Bluetooth
Description: Periférne zariadenie Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2015 11:34:53 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/03/2015 11:34:53 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/03/2015 10:57:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/03/2015 10:57:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/03/2015 10:47:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/03/2015 10:47:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/03/2015 10:40:17 AM) (Source: WinMgmt) (EventID: 4) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\WMP.MOF

Error: (06/02/2015 10:33:59 PM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.

Error: (06/02/2015 10:32:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: setdebug.exe, verzia: 0.0.0.0, časová značka: 0x536fd798
Názov chybového modulu: KERNELBASE.dll, verzia: 6.1.7601.18839, časová značka: 0x553e88ab
Kód výnimky: 0xc000008f
Odstup chyby: 0x0000c42d
Identifikácia chybného procesu: 0xed8
Čas spustenia chybnej aplikácie: 0xsetdebug.exe0
Cesta chybnej aplikácie: setdebug.exe1
Cesta chybného modulu: setdebug.exe2
Identifikácia hlásenia: setdebug.exe3

Error: (06/02/2015 11:42:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybovej aplikácie: CK2game.exe, verzia: 1.0.0.0, časová značka: 0x54b6957a
Názov chybového modulu: CK2game.exe, verzia: 1.0.0.0, časová značka: 0x54b6957a
Kód výnimky: 0xc0000005
Odstup chyby: 0x000380a0
Identifikácia chybného procesu: 0x69c
Čas spustenia chybnej aplikácie: 0xCK2game.exe0
Cesta chybnej aplikácie: CK2game.exe1
Cesta chybného modulu: CK2game.exe2
Identifikácia hlásenia: CK2game.exe3


System errors:
=============
Error: (06/03/2015 11:32:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby NVIDIA Update Service Daemon zlyhalo kvôli nasledujúcej chybe:
%%1069

Error: (06/03/2015 11:32:20 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Službe nvUpdatusService sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť ako .\UpdatusUser kvôli nasledujúcej chybe:
%%1330

Ak chcete zabezpečiť správne nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management Console).

Error: (06/03/2015 11:30:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
aswSnx

Error: (06/03/2015 11:29:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby atksgt zlyhalo kvôli nasledujúcej chybe:
%%1275

Error: (06/03/2015 11:29:51 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Driver atksgt.sys has been blocked from loading.

Error: (06/03/2015 11:21:54 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (06/03/2015 11:21:54 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (06/03/2015 11:21:53 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (06/03/2015 11:21:53 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (06/03/2015 11:21:52 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.


Microsoft Office:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-02-09 10:04:37.942
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-02-09 10:04:37.864
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-02-09 10:04:36.132
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-02-09 10:04:36.054
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-02-08 20:07:22.632
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-02-08 20:07:22.569
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-02-08 20:07:20.978
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-02-08 20:07:20.775
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-02-08 14:00:18.954
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-02-08 14:00:18.892
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B970 @ 2.30GHz
Percentage of memory in use: 29%
Total physical RAM: 3979.91 MB
Available physical RAM: 2791.18 MB
Total Pagefile: 7958.04 MB
Available Pagefile: 6412.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (system) (Fixed) (Total:148.13 GB) (Free:89.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (data) (Fixed) (Total:525.18 GB) (Free:244.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 30EC77D9)

Partition: GPT Partition Type.

==================== End of log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
  HKU\S-1-5-21-2129452905-3581879027-2807029658-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
  Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2012-12-11] ()
  
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.oursurfing.com/web/?utm_sour ... default&q={searchTerms}
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  
  2015-06-03 11:47 - 2015-06-03 11:48 - 00015376 _____ () C:\Users\Vladimír\Desktop\FRST.txt
  2015-06-03 11:28 - 2015-06-03 11:02 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2015-06-03 11:03 - 2015-06-03 10:41 - 00001279 _____ () C:\zoek-results2015-06-03-084156.log
  2015-06-03 11:02 - 2015-06-03 11:02 - 00002954 _____ () C:\Windows\System32\Tasks\{C370BADD-3CBB-4247-95C5-80F4F64B9DD2}
  2015-06-03 11:01 - 2015-06-03 11:01 - 01308672 _____ () C:\Users\Vladimír\Desktop\zoek (1).exe
  2015-06-03 10:39 - 2015-06-03 11:30 - 00016093 _____ () C:\zoek-results.log
  2015-06-03 10:39 - 2015-06-03 11:22 - 00000000 ____D () C:\zoek_backup
  2015-06-03 10:39 - 2015-06-03 10:39 - 61462618 _____ () C:\Windows\repository.backup
  2015-06-03 10:39 - 2015-06-03 10:39 - 01308672 _____ () C:\Users\Vladimír\Desktop\zoek.exe
  2015-06-03 10:03 - 2015-06-03 10:03 - 02231296 _____ () C:\Users\Vladimír\Desktop\adwcleaner_4.206.exe
  2015-06-03 09:43 - 2015-06-03 09:44 - 00000000 ____D () C:\rsit
  2015-06-03 09:43 - 2015-06-03 09:43 - 01222144 _____ () C:\Users\Vladimír\Desktop\RSITx64.exe
  2015-06-02 22:39 - 2015-06-03 11:29 - 00000526 _____ () C:\Windows\Tasks\shop_til_drop_helper_service.job
  2015-06-02 22:39 - 2015-06-02 22:39 - 00003494 _____ () C:\Windows\System32\Tasks\shop_til_drop_helper_service
  2015-05-05 16:26 - 2015-05-06 15:45 - 0000001 _____ () C:\Users\Vladimír\AppData\Roaming\update.dat
  2012-02-24 13:55 - 2010-10-06 19:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
  2012-12-11 07:24 - 2012-12-11 07:25 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
  2012-12-11 07:23 - 2012-12-11 07:24 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
  2012-12-11 07:23 - 2012-12-11 07:23 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
  
  Task: {D7855A0D-6FF7-478C-A40A-432A04A37631} - System32\Tasks\GetNetworkInfo => C:\Users\VLADIM~1\AppData\Local\Temp\setdebug.exe <==== ATTENTION
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\shop_til_drop_helper_service.job => C:\Program Files (x86)\Shop til Drop\shop_til_drop_helper_service.exe
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Vladimír at 2015-06-03 14:28:34 Run:1
Running from C:\Users\Vladimír\Desktop
Loaded Profiles: Vladimír (Available Profiles: UpdatusUser & Vladimír)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2129452905-3581879027-2807029658-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2012-12-11] ()

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.oursurfing.com/web/?utm_sour ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

2015-06-03 11:47 - 2015-06-03 11:48 - 00015376 _____ () C:\Users\Vladimír\Desktop\FRST.txt
2015-06-03 11:28 - 2015-06-03 11:02 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-06-03 11:03 - 2015-06-03 10:41 - 00001279 _____ () C:\zoek-results2015-06-03-084156.log
2015-06-03 11:02 - 2015-06-03 11:02 - 00002954 _____ () C:\Windows\System32\Tasks\{C370BADD-3CBB-4247-95C5-80F4F64B9DD2}
2015-06-03 11:01 - 2015-06-03 11:01 - 01308672 _____ () C:\Users\Vladimír\Desktop\zoek (1).exe
2015-06-03 10:39 - 2015-06-03 11:30 - 00016093 _____ () C:\zoek-results.log
2015-06-03 10:39 - 2015-06-03 11:22 - 00000000 ____D () C:\zoek_backup
2015-06-03 10:39 - 2015-06-03 10:39 - 61462618 _____ () C:\Windows\repository.backup
2015-06-03 10:39 - 2015-06-03 10:39 - 01308672 _____ () C:\Users\Vladimír\Desktop\zoek.exe
2015-06-03 10:03 - 2015-06-03 10:03 - 02231296 _____ () C:\Users\Vladimír\Desktop\adwcleaner_4.206.exe
2015-06-03 09:43 - 2015-06-03 09:44 - 00000000 ____D () C:\rsit
2015-06-03 09:43 - 2015-06-03 09:43 - 01222144 _____ () C:\Users\Vladimír\Desktop\RSITx64.exe
2015-06-02 22:39 - 2015-06-03 11:29 - 00000526 _____ () C:\Windows\Tasks\shop_til_drop_helper_service.job
2015-06-02 22:39 - 2015-06-02 22:39 - 00003494 _____ () C:\Windows\System32\Tasks\shop_til_drop_helper_service
2015-05-05 16:26 - 2015-05-06 15:45 - 0000001 _____ () C:\Users\Vladimír\AppData\Roaming\update.dat
2012-02-24 13:55 - 2010-10-06 19:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2012-12-11 07:24 - 2012-12-11 07:25 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-12-11 07:23 - 2012-12-11 07:24 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-12-11 07:23 - 2012-12-11 07:23 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Task: {D7855A0D-6FF7-478C-A40A-432A04A37631} - System32\Tasks\GetNetworkInfo => C:\Users\VLADIM~1\AppData\Local\Temp\setdebug.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\shop_til_drop_helper_service.job => C:\Program Files (x86)\Shop til Drop\shop_til_drop_helper_service.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value Removed successfully
HKU\S-1-5-21-2129452905-3581879027-2807029658-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => value Removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled => Moved successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
C:\Users\Vladimír\Desktop\FRST.txt => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results2015-06-03-084156.log => Moved successfully.
C:\Windows\System32\Tasks\{C370BADD-3CBB-4247-95C5-80F4F64B9DD2} => Moved successfully.
C:\Users\Vladimír\Desktop\zoek (1).exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Windows\repository.backup => Moved successfully.
C:\Users\Vladimír\Desktop\zoek.exe => Moved successfully.
C:\Users\Vladimír\Desktop\adwcleaner_4.206.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Vladimír\Desktop\RSITx64.exe => Moved successfully.
C:\Windows\Tasks\shop_til_drop_helper_service.job => Moved successfully.
C:\Windows\System32\Tasks\shop_til_drop_helper_service => Moved successfully.
C:\Users\Vladimír\AppData\Roaming\update.dat => Moved successfully.
C:\ProgramData\FullRemove.exe => Moved successfully.
C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log => Moved successfully.
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log => Moved successfully.
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7855A0D-6FF7-478C-A40A-432A04A37631}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7855A0D-6FF7-478C-A40A-432A04A37631}" => key Removed successfully
C:\Windows\System32\Tasks\GetNetworkInfo => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GetNetworkInfo" => key Removed successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\shop_til_drop_helper_service.job not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts restored successfully.
EmptyTemp: => Removed 643.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog 14:29:08 ====

Jak se chova notebook??

všetko vypadá že je v poriadku, dakujem za pomoc.

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse