VIRY.CZ

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michaela at 2015-06-18 20:47:57
Microsoft Windows 8.1
System drive C: has 139 GB (73%) free of 190 GB
Total RAM: 3982 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:48:03, on 18. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files (x86)\disco games\disco_games_notification_service.exe
C:\Program Files (x86)\dress4u\dress4u_notification_service.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Michaela.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveShellExtensions.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Michaela\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Users\Michaela\Desktop\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Users\Michaela\Desktop\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveSystemServices.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: ASUS Wake Service (WakeupService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11644 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
dashost.exe {1ab60e5c-f083-454e-8bf553b522ace251}
"C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted


taskhostex.exe
C:\WINDOWS\Explorer.EXE
ClassicStartMenu.exe -startup
/QuitInfo:000000000000098C;0000000000000990;
/loadhooks /Parent:0000000000000b9c
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
taskeng.exe {EDDF0E15-E104-4BA6-A2A1-8CACDAD69826}
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
KBFiltr.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\WINDOWS\system32\hkcmd.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
"C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe" /RunWithHide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"

"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" -Embedding
taskeng.exe {45B820FF-CCD6-484D-B518-863CEAAF5E18}
"C:\Program Files (x86)\disco games\disco_games_notification_service.exe" /url='http://cdn.selectbestopt.com/notf_sys/index.html' /crregname='disco games' /appid='73143' /srcid='2913' /bic='7283aa2056b2a337da640c1dd56aaf66' /verifier='e54ecdaba9431035a76c4d8241498cc9' /installerversion='1.50.3.10' /statsdomain='http://stats.buildomserv.com/data.gif?' /errorsdomain='http://stats.buildomserv.com/data.gif?' /monetizationdomain='http://logs.buildomserv.com/monetization.gif?' /installationtime='1429079294' /runfrom='task' /brwtype='notbg' /postponedhours='6'
"C:\Program Files (x86)\dress4u\dress4u_notification_service.exe" /url='http://cdn.selectbestopt.com/notf_sys/index.html' /crregname='dress4u' /appid='73143' /srcid='2913' /bic='7283aa2056b2a337da640c1dd56aaf66' /verifier='e54ecdaba9431035a76c4d8241498cc9' /installerversion='1.50.3.10' /statsdomain='http://stats.buildomserv.com/data.gif?' /errorsdomain='http://stats.buildomserv.com/data.gif?' /monetizationdomain='http://logs.buildomserv.com/monetization.gif?' /installationtime='1428777027' /runfrom='task' /brwtype='notbg' /postponedhours='6'
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5528.0.1438045376\1086912944" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5528 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="5528.7.1315215721\1764574933" /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584

"C:\Users\Michaela\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\67455cff-43dc-490b-ace5-6ba279c9615b-1-6.job - C:\Program Files (x86)\iWebar\67455cff-43dc-490b-ace5-6ba279c9615b-1-6.exe /rawdata=S5Ty0r0D72CifQdoej8I5gEiak/URDgZ0irGp4UFLaLlZOlwBKJcmvJRzlaUrnrxkvZV6g05xbxvqRpQWYL8G8t4/pCom01Fk/s42weOApkGilI2bfZ3ecXPN1R0QNbnikjGHS4nN/gy2pAIrgP3TRJlhsbDXwUXvxBiwmD54X+ytpvvefCaUR3rtoaJDy23NMseRSnI/ZUxqlCGdeeuA0i91wRa5voRWi2r0dV8OZHXJFlTPoJoJo3PSALJyl86rVbcdNqvRzM0PdcGcWbZX4zMFYL7ygGDT4NnihAfMxVQixgBjb2lDVvhTIuxip+IDh6RIEbpKEB0FmTVQ2fIw6HCgxPhbsFQ0wDOGVjJrHLmEO9zG3/DbUdf68TzdRUxYX5pzQCIpP7NntJhf7oJuaDM7r93Wog8w/VO6Map6YUr58w0HnBzTfNmoUqhzH/EY+bsYyj28bg8k5374JstRJQ7HMx5r+VsFvJ9LaDz8WnwVVOjbruiCikgTXhEcmFNceGJ00Cx+xvN4OprhBv25VKTTDq6zJyDKrHxL53PnF7EOAxT0rJ6gzaPsDr7IgXw4IwVlCQM6GueKKu9G4rpAT1XGw9kbP91ghjOVpo9w/nYb6QYRSHR8kQ0wm2/44VneAyr8d9OjqWh5xxc0at8UKgz/281LTa93BpNDhScOh0VWWRR9Z2atmBWh1u7bDKg13Go+Qp1K67+v5e2aRNPM/kNPTtdFa3sJoxOXMr0InSxp4frmA2Zg787+rJq5zkzlAmcr9ciucEmrk7CGD/ZQYdQBXkT6f9ZcF9PvFHHkF3kWpIkF9m21MHQjYlQq0rOeyZKlyI2yofoZaC7Xs5ICmWcaSWup2m6kCCaJ+khqM3lQCn9Q/T24pWkeSnjQWJjneOIvrUX6GgZyTGwfU4G2xnTcVosgoOtpThAGzZW4ujKolTvStClLiNV3nTSaSW+FnSbLfRBjdyQj1wjh3aOZQJ2fwRdeSv1AIgqHwTV9qFsW1UZ+42I5MrMqMl/VgN7mdJgN/dqVmOTdXFjGOBJbKnF8qebT3qbJo/60jaGx9jA4McJf3uuVsqaWsfJIKdVs4yaRRFgzq6keMn/VL+I2fK+lZTMsvIhS5W3DwY64t5S3M1IpNzX1/Wt3IgaosthzDYBqpWoJXELG+ydkZzTeKfonyN03zzG5W/58HBy+VJczDJEoUZNXG4WJ0/PA2Fh8xbF8xzuAITvFvD0ITPKxE37mB6BXiKbrUYR7ubEjnmbC2d17KhH8YSxsbIWEzfe8me0JcBu0dxqMuPElF/JWwXJfJWfZIv4/ojlknaEbYCUhqHGUYZsIcby5hRjQBAJvvbHz0jsI0bg6a8xd89urzwT4fCRG2OOb0jWZB6JfTOtPJoOQw26NgakgaLEy3ozZHi2dtSKPYmRekFmGYPUcqvt7Wz+TJlKjDyRWBlyfbLpIoqXQzG1LJDwHvqUsOC/6OyGoPgqINjLcSkK3NsupvKEyhJG09xS7CXIyiRxthefSPi5lWNsWJmJyUIopq67
C:\WINDOWS\tasks\67455cff-43dc-490b-ace5-6ba279c9615b-1-7.job - C:\Program Files (x86)\iWebar\67455cff-43dc-490b-ace5-6ba279c9615b-1-7.exe /rawdata=juag+suKtRrrmYQqOxaaAx2uZLbQhrkV2PQ39eQTEnZmRJmQbpsqx48N1V0C0wcNpmX7KzGp9yjORwMvEdblNTXih+Kndu2CVHOuTCnU92TRPyPGXyDQwoMXMf41fEjdRG48AQxnzE0JbYIcecJTyXTufM9QBLWtEuvpOtrhfcyBRv2iNkXSZAYaVI1UdLI7N8IvCSRpo5zrAS6JSS/OFs95WcFE6dEijCdpBAFtnnrZIkMiZyc0Lxp/vGRIND6TVj5i1JWGcYrzXm1L/D0rALRuiGbIExurfv2uToadXTjCPyQgQuzEXalsXDzlySg/NfE7AxKZZ+xmfav9nM1dnZIJt5c2e9dwZ8Iwiia71fNxr1QBnVCwQDjQ7rNut/NMt/YTo1v6B7upFILfMCGgqR1OWLYVh6tftVq9XkFuEMupfq3DsiFyy6rwp2gTtAKBeNeYxpHu7zs7R6vbjadYCSlIoOiAHDZCXqZP89nxfocLTldX/iJ1Ye5UVgMhF6WUVHP0S4y8X5L7SGaqq2/s4rl3ivBB1702ukPWIvNcj6RPh0/Vhmk+kJR7olIQDRN9xe8h7iueidQ9a/txrTeKjMwcRJbBlHMwBg3zpjCuSln+3dL2amsl10pQRTVy1RalU7wPqmAQrwJrGgE5VtuvupSnSXT+ebDBGYQr1xwy0kIJJu0ilYgjYdsdK9FYlXgt+mVm60PMpdYhEO0EauTmjporNOU9O42eRzxndOleouDroAnd5CfTZuA9mX5v5X4ynPg725cgxLNz5JB3dtsHwEeLl8Zr45lFggC37glEnVaH01jPq/853qRPL9Gu+7nyBZdzUqxiEyOYrbOjZATMikx1iOqLPqnnLyexW+xNtrtvJkZ59J0Zm4P6Ev+Yjr0Lg+nAdo3DvsD9XcigGatGVbmJvRtyxg6d/NttPZPrxtBL+1n6nq/6rAVmsCSxoUgNe9ozW99j9P2nKaqgBIrECW6gqcwJDlp+uhlz3iV4Bas6h/AdnowHt3gnquVP/PJPUUp4R0tg5f6sY2dZ6p7F5DyeJ0lCfieV6+5+v/Gaojn+jYx/VaKqXyU8ADnEs8lwENmmr1Vc5urtrUPbby37BLWBcf4hjzJnSgArgtJUcU4etj9st6WDRja1UGX75PC8TDiUWdkbiiNepT5tFmH1pko4VmsLjdCxKwlkBHp/JxqaTV/bjifmWmBjc3gYVkMmmt++sSgXCdT4RoVh1morctDyh8ZyIMUArcXwmUGP1I1mkp+7RajlWmLqJaDoJNf34SbKsVTfvhk2fsa39a9y5X4GAfdPE5LSsPgom0VDPVwiIxsvDN3kFlvwdJP1+vAleNl6+nS1kO3on4k67eeYbINWeipjWIrK4570/+EnU8HCuWWFq000JNTOuCV/SzLTJi61Iv/4KHD0HIqHK6oL1QyhpmUYw75Cq4PaaWMSx3sOyuSjKOfAlieeUV0F0y5h0GMrVTfqsq0xVrFp7Ny5zuA5g8qNpY09FIey58hxdROi3I3mNZEIn+6CkTxBndeqRz1beLKGrDSJMY8qG32/nXa4qvGUVdgZAEDMS77P4LadVIFUqppM0Oh2zwzl5IYExIeCmDGHpXV3rdzi2GcTG0B6gCZPBQAWCy0p09PDkz7dur4xBCqSB39kUhFOX5di5k0g5SKY9VQZPkM5NgVxqu7DMGvsVzx5ylmCDSOTA7Q=
C:\WINDOWS\tasks\67455cff-43dc-490b-ace5-6ba279c9615b-5.job - C:\Program Files (x86)\iWebar\67455cff-43dc-490b-ace5-6ba279c9615b-5.exe /rawdata=SHaUeEHKEPjXblqvL0GypTxXhbIoHJ7uZ6kd6u3yTZZqJzflu6to51EfTmPF/7Pmq5/Al7Mtzfsxub4oOYiI+u7COTO/z3PqSBKNw/uLzKtYc1zWFFn5u2jmOq96VwRRSu2887kv8+AvbsIwYMLAqxV0wRuuh1QfnDk1o+hEciJoQgTBFNAb4uzO6vpbJn6TqA+rbRlycPHSV+C53TZxINfJmulUKH7WLT7zuNpC3BIvnMIgnODrBvvSztI7+iMOHn5m8bqyeFkGi35P7CUcGI/nxj3k0fEzm3Tzh/LEC/3JHNzxXAp4oAIwpXE8JSZkYVVN8tyF1XzB3mxBbAe985IHGF3vMG+/7FSULfARDuS2Jb0IR8jXPD0JVkz/TC1CjIUehexogN4g0Q5j39SqMrylBvM2Muw0sWMwSnThuwMardpknPK2lHUO2Q94bY+8I+pQJYPy/trMXcz56ppkZPRABvmeUmqw36hRPcuPslR5+GPfH0VqAzd6bWRU/1NiDlGYV/4L4FRkfSZHF7UDNSjcIbfATa7y1TpRUDv7CTrt+KOnqmiHQi6+Ffwc1CDugNBrA+fZQQ5i+4rpYttR3zddzjWUdKazTDWhtcvycRPy+62dPBjFTBBn9vKbNhmnnZp6S3tw2CUiaSBp5Sx6c6AcdYLUMC6JUlBcK4oJHl+xtNGWGIqfXXANuEmC9TKV8V9K5hSRDkdRi1mNclkEL8rd2fl5aUeyp/920Fcw0x5Vc13ZiW0bgmV/1+VxI9cdM/hQruxhSsJLDn6HICUR9TU/xxDsWdivKSSitE4/pKJJVZqXHPptd/ziR4vX5VR5O8pm4eHEQvVtfE1QISWtJFur/aQ+erF8cLRteeqQfRpFmvmZlXk/4kbhT2t5lV/6E0Hq0WVun60ybYJFoJGnBa47g2QOILGvMBVMjr1tO159wzBo9RuTCnBmNsMIDAS8WtW5RsShOxeHNNm0VjM5VanBP6dFm06FEyNIn1b//TBH7BUK90WL4pp8RXwPy2j2jvZEJ02MHIEHjff92nX5lDm9BOff7iRHq+fnRroM/aHrw2KWCM0JA1fXBJJu5iAvXu3EeVXKbdINPjQR4P7FRXGWAeqcM5go1d5vmwZyYnRFWygGSov7sQ4N32nRxvMOTfsznrMj9S/UJ4mUfZ1EUhvqDplXSGTTTIQ7bnZTCRY=
C:\WINDOWS\tasks\67455cff-43dc-490b-ace5-6ba279c9615b-5_user.job - C:\Program Files (x86)\iWebar\67455cff-43dc-490b-ace5-6ba279c9615b-5.exe /rawdata=SHaUeEHKEPjXblqvL0GypTxXhbIoHJ7uZ6kd6u3yTZZqJzflu6to51EfTmPF/7Pmq5/Al7Mtzfsxub4oOYiI+u7COTO/z3PqSBKNw/uLzKtYc1zWFFn5u2jmOq96VwRRSu2887kv8+AvbsIwYMLAqxV0wRuuh1QfnDk1o+hEciJoQgTBFNAb4uzO6vpbJn6TqA+rbRlycPHSV+C53TZxINfJmulUKH7WLT7zuNpC3BIvnMIgnODrBvvSztI7+iMOHn5m8bqyeFkGi35P7CUcGI/nxj3k0fEzm3Tzh/LEC/3JHNzxXAp4oAIwpXE8JSZkYVVN8tyF1XzB3mxBbAe985IHGF3vMG+/7FSULfARDuS2Jb0IR8jXPD0JVkz/TC1CjIUehexogN4g0Q5j39SqMrylBvM2Muw0sWMwSnThuwMardpknPK2lHUO2Q94bY+8I+pQJYPy/trMXcz56ppkZPRABvmeUmqw36hRPcuPslR5+GPfH0VqAzd6bWRU/1NiDlGYV/4L4FRkfSZHF7UDNSjcIbfATa7y1TpRUDv7CTrt+KOnqmiHQi6+Ffwc1CDugNBrA+fZQQ5i+4rpYttR3zddzjWUdKazTDWhtcvycRPy+62dPBjFTBBn9vKbNhmnnZp6S3tw2CUiaSBp5Sx6c6AcdYLUMC6JUlBcK4oJHl+xtNGWGIqfXXANuEmC9TKV8V9K5hSRDkdRi1mNclkEL8rd2fl5aUeyp/920Fcw0x5Vc13ZiW0bgmV/1+VxI9cdM/hQruxhSsJLDn6HICUR9TU/xxDsWdivKSSitE4/pKJJVZqXHPptd/ziR4vX5VR5O8pm4eHEQvVtfE1QISWtJFur/aQ+erF8cLRteeqQfRpFmvmZlXk/4kbhT2t5lV/6E0Hq0WVun60ybYJFoJGnBa47g2QOILGvMBVMjr1tO159wzBo9RuTCnBmNsMIDAS8WtW5RsShOxeHNNm0VjM5VanBP6dFm06FEyNIn1b//TBH7BUK90WL4pp8RXwPy2j2GHGHB6ZEA3Q8QKL/XQsVsvQcqzcedDg4ZNjiF2943GGozphzERD3Z2FnpX2ATzPjWNoPJltAxWSoIp4/KqAQ6yR51fVUwa0oFW7EuSqmDEJMpN4cDFQUcg0sQL8aM/3VCDIQj7WDU2XHmbP97xA6k+GMX/Y9lVa821+gfyq3ROM=
C:\WINDOWS\tasks\disco_games_notification_service.job - C:\Program Files (x86)\disco games\disco_games_notification_service.exe /url='http://cdn.selectbestopt.com/notf_sys/index.html' /crregname='disco games' /appid='73143' /srcid='2913' /bic='7283aa2056b2a337da640c1dd56aaf66' /verifier='e54ecdaba9431035a76c4d8241498cc9' /installerversion='1.50.3.10' /statsdomain='http://stats.buildomserv.com/data.gif?' /errorsdomain='http://stats.buildomserv.com/data.gif?' /monetizationdomain='http://logs.buildomserv.com/monetization.gif?' /installationtime='1429079294' /runfrom='task' /brwtype='notbg' /postponedhours='6'
C:\WINDOWS\tasks\dress4u_notification_service.job - C:\Program Files (x86)\dress4u\dress4u_notification_service.exe /url='http://cdn.selectbestopt.com/notf_sys/index.html' /crregname='dress4u' /appid='73143' /srcid='2913' /bic='7283aa2056b2a337da640c1dd56aaf66' /verifier='e54ecdaba9431035a76c4d8241498cc9' /installerversion='1.50.3.10' /statsdomain='http://stats.buildomserv.com/data.gif?' /errorsdomain='http://stats.buildomserv.com/data.gif?' /monetizationdomain='http://logs.buildomserv.com/monetization.gif?' /installationtime='1428777027' /runfrom='task' /brwtype='notbg' /postponedhours='6'
C:\WINDOWS\tasks\e0c410e2-38be-4038-862e-31a30ed5e5da-1-6.job - C:\Program Files (x86)\SensePlus\e0c410e2-38be-4038-862e-31a30ed5e5da-1-6.exe /rawdata=i+0tA/EhGVo/JmxnAUpCeIeBrKuM0bFHQzWNmEpMyVRbwhESK6sEy4edvC1cUxe6q6rBmkrFGCccaES+aqsOac8gyeTQI6WPdOK5SpWzyg0MwQpTyJUIrIICtT4FbG4ld6TAWjmJlLFvOK7LmiIXtIh4S2dMT+av3vfFfAw6W8VtLX2LXMCd4tINo95YKRI0PeR998ymT4Y+/3//krgIpwA0XIY9qyQU+DdgABPSs1GbxAC36Ne6EmVBlkk76rFipxPPg9pORFNBvxlzDfZTPhJV5jay82ewAt2FYOeoqi2EHaYqD8+RI593eetMNVAhBVxLnoJLAO3kFhB8v/FKK8Bng0dl4/dofpmyXEnrAaiMR45dytfWHyPBCVmzMjvQ4SnOkGQhT8IEfcGMNEqcLAWte/ElsqaLAH9rFg4oR5397lLtR9w0YA8lD+M6BP9GzCwB8nmdD3zKNkRvtLMLNRaLg3UoKcfw8QSLngXy991AzCJvPCupzzo/EjKZO4+itcONH8HLVwNikKbnqokw1ca8MCOAz4rwLdxLXJWQUBfR6EiqGWGPCsJPcQP+yHhGAvIBf9INk9gkkz7geg8nDMBq4YdRsM/vQDAhQVs7ZTHp7BZyjJA1mY6KijtGoP7eER4yLlr5xyRV7jNF1Rrxm2GE2sLoawaRpT5BrQRu4MZ/8gjjo4RlMoK28Qkz0K2hmtYoyeY7MhhJaF0Iq1wMr9YRnA276PlgoRiKi9/tt19W3bOdBdkXzsw9PtD1PlHfqtqvMBd02otRbYaJQOE3orrHQbhlrh18YwQjHcbWkrV2+550k9aCubbZfgaq92kAibmK7mZ4zr+TfXSmjaAhA7aAJVoIeSbe666KlH+icSaMKitdrzRyHoDXw2sQgOdRRFqrhrrELYz2AXlINDRqSPOckk1OSqJqmtPqRHdsVYObKrBVuKJ9vdKEI8X5taFDJaxHOXhvApzw8TRE+X80Vo8EMXTOSywvH8EP13tfdfLf+9FUU6CT20WQCSD/S9q7f2P9DzqEnVkz8lxnDjYDhvoSEG3DB0SbnsACiNNEYiYT9a/r4m73Dscfl/I0i5cfYOvjyqVK0bFNnTseAF3GuEjY4fPXsgVPf9JtCzCdZ9YFKZpDCNf0tBOSnhIKInnLOf/oJl+kXN8f+jBmSCbIxAbefV8iAfRMzFDlZDx2eZ4AvIKiHTw/x2HOjlBpK72Z8kcEZ/u4cEFhano74i4gdyfO4VtpTUNwHEKCcNtscxlh7XpVkw6J8tVyXVYUJGkYRLRwdeGpXl2Z/cB9BCgwEHe/ZqDT+u/oYvEye6U+MzsMX+jZkm5eEn7DaviYxJq08N3zdHsU109A8UzpaYeYLQWkKPyfWBkyyS1O3hrESm1PelKbUl46dxTZn90wVqlMdKrysbOSRoaUndLb28MO3iP5hDWkMUXkDAxTb+KtS3bSxlzqrA9JJ5/iQQUzQmtLj7B4ykW0A2T6rZj7JgRuqokHUYDnjgOLs4uo6l6phss4dfJhL+PhMDX6J4yzmWiu
C:\WINDOWS\tasks\e0c410e2-38be-4038-862e-31a30ed5e5da-1-7.job - C:\Program Files (x86)\SensePlus\e0c410e2-38be-4038-862e-31a30ed5e5da-1-7.exe /rawdata=ezXo5iTau64BkVgg4Ob/lv5jo/o4k3vRr072xWP46IQ5AyyHYliFEuZRcJRrgP6bqy9dinC2tqTixUfNSvgVi/bE4R7eBWHQpCdVXrEHXs1zzA5cRGsvehgG6qw8rMNlNHC1DEdRI35VVOmR71YST1dquf3HHod5k/FmcYtyppkLvwsqKygU8ZKp58V8TdhYhFdNvx5TBV5bMVFeJD44oss3bAG8GsG0iERPWbi4XnYyHgoYoseEqMxtEWZOGMvwaWBzktnGEdHmPNkzbcrQ86r9ucNEagzGkqzuKWujQ0+YKV3qhQ5YCcZKhKKciahAP8dWd+T+WGglC3C6lnaKwoNDcxly6OMCqQ/9vb5XrgPbVw3mPdyUy0DcrFPQgF0KZrccNMCHE7GbQ8oQlEX4/qG/c6HOyRZJixjUrsMk8EC7yeXEu2tAu4vOZf4yh5pkmrnjZ+rW1+3Mut0YYh8TmDZ3EEF+VzM0f9rUDon6Uh80idQReJ9+c4LV1XnRVmG8UQVjbJoERLJcmEQajo9gmwJtpnysIhTSRLbqjLofuys2htY8tOLlMBgZQ3KUpT9c/AXJuD4ADcJgejwofsEx5S32zm1SgixdSHHuWmR2Acjz0v1ndhAlpIfvvqtlicj6vWurvUMgWr8stpalj0Yb1+nK3ZzNEa+FLerY+PrsVKCy9hCs3P+iuL/J4fg3Ah5NhEZmk5yI6NSibSkf1cme/x0kp8XyjzsyeZc2yuuZE0tHozXADxbiAtJX+TndQoFKbOfqgenwuTVIZGFC4hwT7BErrEV3ei7NB5tryfPnEfCvx4a7ObMMQv5abr/ObmlUkf4FXQ+8mxMkdej3Ea8L/oJXIP/g4skxLN35YQHi8lNPOSt5pP9+tzZzY30k0HX6OeKxr/+WXZTb3zJnETcVfk1Y1UOWgD3Wj0KktbbPCwrBdVsxA6QfVmUsWn/B93GO6bRsAf9ep19IoKydfgnF0v935iQmJPudQynOM14vJ+4BY8NoxPT8pfwYrVvkOhI8Z631veit3vO1P3TsQjnSTzZdImTYmPmyuSx8RdWyTUk6M3fBlzn6D4CKIvRWqwzdRV9oLHHpMr7TzZE9DwgXZzOUvvCgI4zqOHdi4WaQJkMYH6Q5zPlVJsL/fJBRnCDp7RKJo3EPcF56nfkIjtdEglxpx/K3Y9W5ue2o58D/1205iLOr/0ZOGMrYWZI/ibMmde+BocJSTxUu1MFrZlIj84BNrixaQ8tBX7oE+YAKvR/cfzQRKmXU4vpKnZqUXrIDD4WPCTqgMw0oIAFhl96jBUwBpPDftApIwLkEEZd1KH0h/3IeTbfzmYT9epe5O+XnxhPlU507xNXuF4OKt3b6bHOzaVJLrBNEatgzYpZXBl5ngZKcEuOdtkN7IMq5RkBH7q3MwtjlzEUCeL1/QdSgdaZzgicBfZR5kCqh/Xdw/B7Slf+DrMdR6+wqDoH86Kq5loIapVKov/BEXueYaWi5O92sDGarQVitRD7AcdZe1G69L4UPg4ibmArf0Uq2elGtEuRvGx79qzIGRBrGXcy3jzvIG7UYWX5FOcIQNHiKlOlvr/To2betYSG3EjxXRnAue+TUEP1WyTc3KmaQZhGIMGffcPZ6EyYpRNBj3tAFj6sHHwGvt55Uc4czEVUqQNYAmAPiLt6Y6gJwNjxXANUFQasuyYSqx1H/y+HfaTIy2VA=
C:\WINDOWS\tasks\e0c410e2-38be-4038-862e-31a30ed5e5da-5.job - C:\Program Files (x86)\SensePlus\e0c410e2-38be-4038-862e-31a30ed5e5da-5.exe /rawdata=LA5d0R7SJmroClF7ADNhH9IhOJ9tdIECWRPW0HMtLQd1PTaOXV0drm+b+34JnB1l/N46SGAiRPd2hlBbEmmlCba/hzKIBs2Dl/Zeewrl1m0WHSGtooXy9z4ypDlQfBvge+ESBFM2fiyp0LGQLgE62p7mqF50LMcH26JzkvCjZOycqcxzeaNxJ3BCBLcne6RdNafJFbXJTh2f4pHF1ONz5FJH1a+qIiDlw3rFLRGdW0a6BmEcI8dvch3/TJgOqnsQunFOok/ugrOcL38yuMWa2x4ttWFFOsRc3Lqfwuiachx/NTztEs3bS3uCkgQSAg3vHcUbldi/tWP0VrclD/OPhyTqHCJlZOwe9ZCmC8Ohp6tO92ZUBqB905zb+CUCWqPFSGxZhllGRQTPZyscRqH3BbwejMfA4n5JNwV6bJx1IYJ7dHvbrCYzFtYTkhbKJ36fSBlBGEhNWy6/A5Y17+cmLGoOP+bbadOWQKlP4sgZqc4BrfKPTCutlfJH4aLhrt/+aRhoadL8/sOnojqj3XSzIRcShHV0yNyYAZI84q+5M94bvB614h1o5uOJluSznrRzQ4TTr/V3+01pprMoZoGPkUy0MBoX19iXaFYNIIdpbgWeKxfaUcJionDiBlG5rJGL1V1OC1por1qc70nMD9DnQGqySSwX3+9//ewwGDiEJ4oBfnIEG1lM4kPRMq2oiHUHxXWHx8CcuC3Dz90EkFk/GYrkZSbp7MuM9Eiy+Q/yPma/ylX1XE5f3RJB7FBXcCnMpr/efXmKyVOiRJOL8TK7w8IzMngnzFg84AEHqIttTNKlQ+DgMr2jOIuTpXdgpiOfzlacWVRUWrKkx6luDOP3Gr8sYNYzGE3GSRXDs9AwY77Ru+wQgr7Hof+XlRWLEgOY6y8SRKoFHRtpf2Vzd2A+MsohLhRWbdHylnTvtlrWyZyFIsS+mmx97Nx4LEUCru7XjMBvvZGO4HQY1ohLbgAokksPefdHsx2C7GoHU0qv0sjMom/XemHXQLSwqRdRZ8Ief65WXNVi6wzAGKAR7PseotR1Dee/ySVsh0LdgjmcwFENx21lsBPBKDFF7mM1482WGwEqh7Sm1BDV33HtGbwUwQDVWEm5gUjMe8QRSD0IjU9dIdN7pHkgQ4o6FjFDdhLcWl+EJhDqog0ZMzspNC635pwSaeevCKkQMwEoQUs6QH4=
C:\WINDOWS\tasks\e0c410e2-38be-4038-862e-31a30ed5e5da-5_user.job - C:\Program Files (x86)\SensePlus\e0c410e2-38be-4038-862e-31a30ed5e5da-5.exe /rawdata=LA5d0R7SJmroClF7ADNhH9IhOJ9tdIECWRPW0HMtLQd1PTaOXV0drm+b+34JnB1l/N46SGAiRPd2hlBbEmmlCba/hzKIBs2Dl/Zeewrl1m0WHSGtooXy9z4ypDlQfBvge+ESBFM2fiyp0LGQLgE62p7mqF50LMcH26JzkvCjZOycqcxzeaNxJ3BCBLcne6RdNafJFbXJTh2f4pHF1ONz5FJH1a+qIiDlw3rFLRGdW0a6BmEcI8dvch3/TJgOqnsQunFOok/ugrOcL38yuMWa2x4ttWFFOsRc3Lqfwuiachx/NTztEs3bS3uCkgQSAg3vHcUbldi/tWP0VrclD/OPhyTqHCJlZOwe9ZCmC8Ohp6tO92ZUBqB905zb+CUCWqPFSGxZhllGRQTPZyscRqH3BbwejMfA4n5JNwV6bJx1IYJ7dHvbrCYzFtYTkhbKJ36fSBlBGEhNWy6/A5Y17+cmLGoOP+bbadOWQKlP4sgZqc4BrfKPTCutlfJH4aLhrt/+aRhoadL8/sOnojqj3XSzIRcShHV0yNyYAZI84q+5M94bvB614h1o5uOJluSznrRzQ4TTr/V3+01pprMoZoGPkUy0MBoX19iXaFYNIIdpbgWeKxfaUcJionDiBlG5rJGL1V1OC1por1qc70nMD9DnQGqySSwX3+9//ewwGDiEJ4oBfnIEG1lM4kPRMq2oiHUHxXWHx8CcuC3Dz90EkFk/GYrkZSbp7MuM9Eiy+Q/yPma/ylX1XE5f3RJB7FBXcCnMpr/efXmKyVOiRJOL8TK7w8IzMngnzFg84AEHqIttTNKlQ+DgMr2jOIuTpXdgpiOfzlacWVRUWrKkx6luDOP3Gr8sYNYzGE3GSRXDs9AwY77Ru+wQgr7Hof+XlRWLEgOY6y8SRKoFHRtpf2Vzd2A+MsohLhRWbdHylnTvtlrWyZyFIsS+mmx97Nx4LEUCru7XjMBvvZGO4HQY1ohLbgAokksPefdHsx2C7GoHU0qv0sjMom/XemHXQLSwqRdRZ8IehGYTWlHLtanz9CmNQFshGKFv9A01XcnuPCmd6dyL9OtucaWcy7KENij3rb7q7wRLTu9J8hIPszPOdo8IhZ0sTm2KMk4BwzpBj97DULUacZ3CCGYEZ4Y20HQPEtCKQQUk4iwQqPEe42+gVwwMB5V0niwfL9kk7wHnCKAJ3zjb2yA=
C:\WINDOWS\tasks\e0c410e2-38be-4038-862e-31a30ed5e5da-6.job - C:\Program Files (x86)\SensePlus\e0c410e2-38be-4038-862e-31a30ed5e5da-6.exe /rawdata=ELncJCIW3Czki4j8j7fnnkT9P8+G21hGYpi3NKVuEVd8MaU0Za/2PyqKm7E/onMPh21sw/qgJj+IldXkinCjduKokDju2jPD4mj/rMs0Z79fR9VW2q3GRS6AfVOzXXk8gyLblL2O5QfNgzk64Dh8WzBHgOqy54Dl3+dajX85IPWytpvvefCaUR3rtoaJDy23NMseRSnI/ZUxqlCGdeeuA0i91wRa5voRWi2r0dV8OZHXJFlTPoJoJo3PSALJyl86rVbcdNqvRzM0PdcGcWbZX4zMFYL7ygGDT4NnihAfMxVQixgBjb2lDVvhTIuxip+IDh6RIEbpKEB0FmTVQ2fIw6HCgxPhbsFQ0wDOGVjJrHLmEO9zG3/DbUdf68TzdRUxYX5pzQCIpP7NntJhf7oJuaDM7r93Wog8w/VO6Map6YUr58w0HnBzTfNmoUqhzH/EY+bsYyj28bg8k5374JstRJQ7HMx5r+VsFvJ9LaDz8WnwVVOjbruiCikgTXhEcmFNwTg1pHfXvcJx0jAgHsCNyP/O/B8IJIzRK04nCHJnvEIzr+pOQV3efHVSM2kwqzG2pKxk1eUfz3/4zxX6ngpfUkTwX/+uubnw4Tk0lsXQI5NvnyqWzErNrJMeBtBIOepHaVI/6jtyrd0icPNVqAYwCKm8W5R2Bg5Tsb9YOdjQpdpOkXbB0kDdDKzIsWZ1c2nC6MzAiGrwQEDw28p+GNsc9rqJLjBmvQHpU/Q34c/fa0Elkja2sdBh+8hp/gOOPuuIhjrwgZWH45yePVwbb8L/wiWaA2MT9t4/2BRbRMx22PFf3qF7egYEMJf0Kza25ey9+goA1p2ueWkTmEY717KWHAroyZkrwCKZ0XLB1LeV/L8LIPuiDpbUYzAJrx4oN0rZp/6cWX9R3tTk4wCGjCJYoTO3hcvMhkpRFnE4Hl946VAHNIRII8X4qrQ4lt3LkuSvCx38QqvjPfBDirMoql4El47tQH6Z7ZwiNYKh+Hy3ltpL/uStJZxMYP3CeelJK17eaPBdan6lOTZqOag5scnihoaEbHP8vy2I4UZFv2WQFO+oAuWK+gBbyLIGcxsrQI2Y47UZyKxZXigttk1z+Jr4PtmceeKIti56gKuCtqKaoRAL0wzjAJkzvnyIhieqCvbkA1fip47IUW8bnGemaIohd8Pe4AH1H8HM8eTq791CqrmBekVV7bOnIUP7t9GVJi86SvCmY34eSCKu0UzNH7uI6jSWreKaIDNd+qc48PuhL1g2A0MPmlouJ2pLjMFAW6Ko2r+jdkSlqBi/rzjPqoJcEf7r3rxQ9Zm/tWWhXSqveIGFRSEFvC+00LefcXcGg8D+bjw7xxJNEGJksKGTZIwZ6zdrVyjeFTznwcHOItuWxDZlR4THDD/T6CfUMFXazKlDDxcAXqTjjeljz8ATfmwXKU0kbC8hMZSmnAFLmxVQp3uU9vMM5ddUcRruGPscFG0NqDTgzq9QHCQEgBjALMUVJ8K6/6p+nlyPGOvO1m7t3f5ZUbe8J7ulDl/P8f72lz5LifqT6HFI/S0XeLE7D7aI0+cRBKKQmFLIABWos49zLLKAnUEbNAgpwp12IlSkeO5iho5qeWWgQrRuCXoBlB1V0OQrPgcBuEqH6v+/I0RgMMxe9EO0PUU07dHnZBJzx9/Jac7V1yGtD+GV1gvlTv5OOSvjV4HRivjCWumzhemnV1AJmYlldE2kc5Yv29iE84ncni8T6KZsH/hB0D+g7SlrCPxmqhQCEnsQNXrSE7VOPxH8lQnZDlduGDOLzI1fyVcLF6r6mUdqde8JeVvXaB47bY2uOZQHdugiRRAI7s9E/XO/qc8lz0vr2zfwxtCjdEw+266IkeVej8wSYmofbGdwlqUizPFr2vpwqPJFgB26qHfV+XmV8UfmnVurfg7Nx+PyBP2L4JaOef+AdlJhsvX4odmwhMfmpctgCzqyKD/immWd61m+4NSdEUH58VzMfnl0xYz9is7FfRqyIiGEm4TSeVrMcZTK2LMFI7xNFxIVBUeti2MOhFJUeplIVNy0b3IFElAep521pRwlXV1k8zICM/sgk2YIB4x48cEalAZkw/A0psuJm+V5ZJHn9RUan5ESAN/FV3+Own/OTZ8My+wqs70VGIQ2gQW+imzlbvhw7neOQKd/893a3J357gqHUSf1Y0F8TfB/f1EzAxrvZvi5iFXl2oVD3nZ1IjtolqLzPfd29C1akbJy/YwB3g53lixZ3kYHiKVueRTLFc7MXgn4uAkGMe4aHTjGqJCbtu3MGafuyw2O12jsgrOKQO5tldYZHxQXeDJqppCtTXSkWXlVJS34nZO0Xp0wju07dDcQs83oIsdB/Xan8HBTE4o21grh68lDVlaPuzGTbSuSdGOXXkctGCcblGzN1CJ1p9VEkv+8L+CX5SVGfIYMBaxOBVhwo1QhvIH9r/tXfy/9nuqEv1HVIXCpvS5O2NA6zjeQ5RZ8Pz4wiFF1/ajSMnlbiO5Z/QjIE12E730FFQo46UrfeOR9X5R7XI2KKLTBogKnkK03cK2QYwUZsLcAvxC7HuFoVRIRpHAgPcOFQH8sa91LAMZg29dtYcX7A3w0eMHFQv4WfkcXR6fAflzybj7pr0ZsY+kRmsOqfP5HDMzwBmI8Tq3hQyvRywg7FVFHMRPOZ2b2EqLg2q59HDV0ED6xqzdXDxWg8gMhM7C0OkF10qWsZuUxB4IXqYdTs7rZW0OvnM0=
C:\WINDOWS\tasks\e0c410e2-38be-4038-862e-31a30ed5e5da-7.job - C:\Program Files (x86)\SensePlus\e0c410e2-38be-4038-862e-31a30ed5e5da-7.exe /rawdata=X2AqsdgfLD/R5lXIH+726ZmQTgFWmsovUPfcvXskK+zTbTlKi1CVKleXXVqaEkIOmq2TiAVFy3omli3zLAZhRtZDk6qo32aTb54gNMLmA33yRvN12WyDiuD333xM7kfyrZgFgDMbvXaAzjChUeO1on5Uj6iUKP+qydS9a5jYmBKBRv2iNkXSZAYaVI1UdLI7N8IvCSRpo5zrAS6JSS/OFs95WcFE6dEijCdpBAFtnnrZIkMiZyc0Lxp/vGRIND6TVj5i1JWGcYrzXm1L/D0rALRuiGbIExurfv2uToadXTjCPyQgQuzEXalsXDzlySg/NfE7AxKZZ+xmfav9nM1dnZIJt5c2e9dwZ8Iwiia71fNxr1QBnVCwQDjQ7rNut/NMt/YTo1v6B7upFILfMCGgqR1OWLYVh6tftVq9XkFuEMupfq3DsiFyy6rwp2gTtAKBeNeYxpHu7zs7R6vbjadYCSlIoOiAHDZCXqZP89nxfocLTldX/iJ1Ye5UVgMhF6WUh8N1ieRYpJPphddTmw6XNFOWbR1HbBfwUUeCpcgGTNvutBCDOYc6VRqlaCFJ8yU/qKoA7kBUiT/nHu3/BAOsfuVFeIaPdwDm0E0JgA7/5lZMkKHr9KqC0CgpLVZvUMEkSG1Nmvi6S8uZEbNkYiJunIxFAFdYZyXAfZkUJsTnBpEJJu0ilYgjYdsdK9FYlXgt+mVm60PMpdYhEO0EauTmjporNOU9O42eRzxndOleouDroAnd5CfTZuA9mX5v5X4ynPg725cgxLNz5JB3dtsHwEeLl8Zr45lFggC37glEnVaH01jPq/853qRPL9Gu+7nyBZdzUqxiEyOYrbOjZATMirAKVGMVmUkC+CaRJYP/ehABpyjPJIbjBcVYQff3ZnATZp/0hD2oKnV3zD46TUGJhAJsN6cFhWv91mXazqRvqoUB5GUMHz24NmM5AghuGT6jCH+fn8KQMbgRzvzeLD3HYuaeK2udiQrfNOn5NQYwCjSLKIgbXm1NQl2uUMQPE60TcDTAPfzfRLM6oWMEbIdApLQIrEBXzpVkK/0MfpEF/rULyOcpuCwcADOOe5iYY/CLzjyGce5TSsHFVDEYYLrKRxfmyv3lb1SOfr7PtK6TgVgPtctoKMbCme3WR/nYy2dxYGqtgoMyidYbF9adyEd2D/oSXm796uPuNeskgsCTbBCFsis9x6px3jK7GyXwnMf5U/S67lfFL1vHGhJndaezS3HgnUqyLpkIq4RWRFwmQj5QYU7QofrtbW0MtOCTiKwlZXWm4Av5VKCot0Vd2w+OGcnDg1G4diZ+LwUix7lQ3R56kwiwN9Kdo7N/Zg5KwlQpVz2oV55mBULpI9fs3oMoOIgku0BjI9zcJe1mAQ82pXc29MUGr9rxG9Uuoacqu2Cs8FWlXUZFRCmg/afMNmsLBTD052dAMwqqxTwgcPGVV8kotTFmwBp5JB8gOywcIRMKUBSKvjsD+YuOZ87no5U2lO58Oww8iifnY9vmzzuYAVCBK33kWlPmEGLPJmr7InSbi/Px6Sj7mnCx04XBTzp0crWjQtgzYg8spt/NO4cyTXr149xX54tepI7zLn5S9gaoKphagdZll8ygfarpxZqtVpti1TTib1CzxQQwb6JdzVQWulF63r+vYKbv8h9TfblWrmEXc4s0WVbqtUmhlkEAgOQtmVPW+qmfKWDLeSsLCLgFJ67DDjyv3iO7sFdrp6ym/6p/VTh9Vm8W42sJJLcreImJNlJtR7Btvd4KOfbRnlFRJXx9GcX1+/xPE51OfaTWvQ9MyvsBOiKR5We8UZOSr4BTBELcLiX4MDYfN2RO34QYPCC53Bx4P1pudd06dMJOLrbC8HoBed4kYHvIRxjbXoTLszV4F9XY4z24SqCO1LGI1lDZbTFvaPM8iHHWP+Tg7SwvubGx3tESZ5up8/JD32m72z3CayATDmzBC1x24L+DH8eQsutv1Q+3oL7qMz5niTpWCQ8GhDHXAeZRNB60rRwgIO2TMS0JiHBzlr4swjlfXzVVeNRcrHDHxxphuAd4UfXd3QhD4vNUGNXH5JEYhSvMefAO1z82S0VRHG6mcsOdMGkUgNuC8f/M0ZC3AlBDU1AmAkAOQ2JWVcVcCo2EUFXi355+GhV5kXQi7EYcyjDOHFs72tB0JyMgtD6C4azfSt+XOwz3XSxKyZrkDRlJ95a2MYfqHmVMAKnHk9fqoLiLwT1zLKKLvJbEcM3GiUhhgjIWlLDPk0Xd/jIpgpqkqDqsCVDbrgiGrgBRGYXAE3S0IxJazY4Fc0+HmT6zzRS7OO7ooTcsyuudNZLbkGsIcuEpHQX4I9kQj1pFJli1pAk9kezV5HCsGe9UctWGSRzKk0/DD6LOkYyGu9vaabaSTqLe4wX7kxABL/wo/7IvJhZF/2dVI1vM9+Gda6Yd/6yRaSiVUBWVI0swcXVRqvuusxHWFkbN/5N2MlgsbndsTaO60XzXmNFBR0viH7LUe6ZSxhRITijwRyMg54u4jpZ3NNPa5qWr6ZbQPP4uhlwgNWoktyzjHjRWPqMrzIp+f1yETXX7kDhioHB4snzyk0JEo967SX/iWqV+Dnd1oGPn0HB05nlsOYgrndfxwgbOrCqqQ09cn2KvPVJTb7FPJd89Oz2GOOhflWsPb7xaBoviyIv6F+r1CpmdDEBc/VoVZnMSn1MezP1quO9F3wyQkzuCxjBEukbvfD6kah3Z5RA8JqA=
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cf8a548d35be6f.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cfec4bccfeaf75.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-01-20 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16 810768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-12-28 66688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-20 2331336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-05-16 488208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16 688912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-05-16 444688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16 810768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16 688912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2015-05-16 164112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-12-28 129664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Michaela\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-05-22 382664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-05-08 40312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2012-11-23 3187360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [2012-08-31 3423104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4]
c:\windows\temp\DisableS3S464\sethigh.cmd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-12-03 1256080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-07 13262480]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-01-20 43848]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-01-20 152392]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [2014-02-14 450560]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"GrooveMonitor"=C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-12-28 129664]

C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-18 20:47:57 ----D---- C:\rsit
2015-06-18 20:47:57 ----D---- C:\Program Files\trend micro
2015-06-18 20:41:24 ----D---- C:\Program Files (x86)\ESET
2015-06-18 19:58:25 ----D---- C:\WINDOWS\Migration
2015-06-18 19:52:38 ----D---- C:\ProgramData\ClassicShell
2015-06-18 19:52:37 ----D---- C:\Users\Michaela\AppData\Roaming\ClassicShell
2015-06-18 19:51:49 ----D---- C:\Program Files\Classic Shell
2015-06-18 19:35:10 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-06-18 19:25:11 ----D---- C:\Program Files (x86)\VS Revo Group
2015-06-12 21:18:09 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-06-12 21:18:08 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-06-12 21:17:55 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-06-12 21:17:53 ----A---- C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-06-12 21:17:28 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-06-12 21:17:22 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-06-12 21:17:21 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-06-12 21:17:11 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-06-12 21:17:10 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-06-12 21:16:59 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-06-12 21:16:47 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-06-12 21:15:14 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-06-12 21:14:46 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-06-12 21:14:44 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-06-12 21:14:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-06-12 21:14:37 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-06-12 21:14:29 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-06-12 21:14:27 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-06-12 21:14:26 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-06-12 21:14:25 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-06-12 21:14:17 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-06-12 21:14:12 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-06-12 21:14:10 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-06-12 21:13:55 ----A---- C:\WINDOWS\system32\SRH.dll
2015-06-12 21:13:54 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-06-12 21:13:49 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-05-26 17:49:05 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2015-05-26 17:49:00 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2015-05-26 17:48:58 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-05-26 17:48:56 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2015-05-26 17:48:56 ----A---- C:\WINDOWS\system32\winbici.dll
2015-05-26 17:48:56 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2015-05-26 17:48:56 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe
2015-05-25 16:20:11 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-05-24 15:06:29 ----A---- C:\WINDOWS\system32\schannel.dll
2015-05-24 15:06:28 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-05-24 15:03:06 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-05-24 15:03:05 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-05-24 15:03:04 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-05-24 15:03:02 ----A---- C:\WINDOWS\system32\win32k.sys
2015-05-24 15:01:30 ----A---- C:\WINDOWS\system32\services.exe
2015-05-24 14:56:08 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-05-24 14:56:07 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-05-24 14:56:06 ----A---- C:\WINDOWS\system32\certcli.dll
2015-05-24 14:56:05 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-05-24 14:43:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-05-24 14:43:35 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-05-24 14:43:29 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-05-24 14:43:27 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-05-24 14:43:24 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-05-24 14:43:23 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-05-24 14:43:22 ----A---- C:\WINDOWS\system32\wininet.dll
2015-05-24 14:43:21 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-05-24 14:43:20 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-05-24 14:43:18 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-05-24 14:43:18 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-05-24 14:43:17 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-05-24 14:43:15 ----A---- C:\WINDOWS\system32\jscript.dll
2015-05-24 14:43:13 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-05-24 14:43:12 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-05-24 14:43:11 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-05-24 14:43:10 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-05-24 14:43:04 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-05-24 14:42:46 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-05-24 14:42:45 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-05-24 14:42:34 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-05-24 14:42:23 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-05-24 14:42:22 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-05-24 14:42:22 ----A---- C:\WINDOWS\system32\ieui.dll
2015-05-24 14:42:21 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-05-24 14:42:19 ----A---- C:\WINDOWS\system32\inseng.dll
2015-05-24 14:42:18 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-05-24 14:42:17 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-05-24 14:42:17 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-05-24 14:42:16 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-05-24 14:42:15 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-05-24 14:42:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-05-24 14:42:13 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-05-24 14:42:11 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-05-24 14:42:09 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-05-23 17:56:08 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-23 17:56:06 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

======List of files/folders modified in the last 1 month======

2015-06-18 20:47:57 ----D---- C:\Program Files
2015-06-18 20:44:43 ----D---- C:\WINDOWS\Prefetch
2015-06-18 20:41:24 ----RD---- C:\Program Files (x86)
2015-06-18 20:39:32 ----D---- C:\WINDOWS\Temp
2015-06-18 20:19:37 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-06-18 20:18:31 ----D---- C:\WINDOWS\system32\catroot2
2015-06-18 20:13:49 ----D---- C:\WINDOWS\Microsoft.NET
2015-06-18 20:12:29 ----D---- C:\WINDOWS\system32\config
2015-06-18 20:01:46 ----D---- C:\WINDOWS\WinSxS
2015-06-18 20:01:41 ----D---- C:\Program Files\Common Files
2015-06-18 20:01:41 ----D---- C:\Program Files (x86)\Common Files
2015-06-18 20:01:18 ----D---- C:\WINDOWS\Inf
2015-06-18 20:01:02 ----D---- C:\WINDOWS\System32
2015-06-18 20:01:02 ----D---- C:\Users\Michaela\AppData\Roaming\Seznam.cz
2015-06-18 20:01:02 ----D---- C:\Program Files\mcafee
2015-06-18 20:01:02 ----D---- C:\Program Files (x86)\ShopperPro
2015-06-18 20:01:01 ----D---- C:\Windows
2015-06-18 19:58:30 ----D---- C:\WINDOWS\SysWOW64
2015-06-18 19:58:29 ----D---- C:\WINDOWS\apppatch
2015-06-18 19:58:28 ----D---- C:\WINDOWS\system32\drivers
2015-06-18 19:58:27 ----RSD---- C:\WINDOWS\Fonts
2015-06-18 19:58:27 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-06-18 19:58:25 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-06-18 19:58:25 ----SD---- C:\WINDOWS\system32\GWX
2015-06-18 19:58:24 ----D---- C:\WINDOWS\system32\DriverStore
2015-06-18 19:55:40 ----D---- C:\WINDOWS\Minidump
2015-06-18 19:54:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-18 19:52:38 ----HD---- C:\ProgramData
2015-06-18 19:51:58 ----SHD---- C:\WINDOWS\Installer
2015-06-18 19:49:09 ----D---- C:\WINDOWS\system32\Tasks
2015-06-18 19:49:01 ----HD---- C:\WINDOWS\system32\GroupPolicy
2015-06-18 19:49:01 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2015-06-18 19:47:27 ----D---- C:\Program Files (x86)\Seznam.cz
2015-06-18 19:40:56 ----D---- C:\ProgramData\McAfee
2015-06-18 19:38:52 ----HD---- C:\WINDOWS\ELAMBKUP
2015-06-18 19:20:20 ----D---- C:\WINDOWS\rescache
2015-06-18 19:02:38 ----D---- C:\WINDOWS\AppReadiness
2015-06-18 19:02:37 ----HD---- C:\Program Files\WindowsApps
2015-06-18 19:02:01 ----D---- C:\WINDOWS\system32\sru
2015-06-17 20:32:33 ----D---- C:\WINDOWS\CbsTemp
2015-06-17 20:19:46 ----SHD---- C:\System Volume Information
2015-06-03 19:04:15 ----D---- C:\Users\Michaela\AppData\Roaming\XnView
2015-05-26 19:04:35 ----D---- C:\WINDOWS\MediaViewer
2015-05-26 19:04:28 ----D---- C:\WINDOWS\Camera
2015-05-26 19:04:24 ----D---- C:\WINDOWS\FileManager
2015-05-25 16:17:42 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-25 16:17:42 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-05-24 22:45:06 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-24 22:44:54 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-24 22:44:52 ----D---- C:\Program Files\Internet Explorer
2015-05-24 22:43:34 ----D---- C:\Program Files\Windows Journal
2015-05-24 22:43:30 ----RD---- C:\WINDOWS\ToastData
2015-05-24 22:40:54 ----D---- C:\Program Files\Windows Mail
2015-05-24 22:40:52 ----D---- C:\Program Files\Windows Multimedia Platform
2015-05-24 22:40:50 ----D---- C:\Program Files\Windows Portable Devices
2015-05-24 22:40:50 ----D---- C:\Program Files\Windows Media Player
2015-05-24 22:40:41 ----D---- C:\Program Files\Windows Photo Viewer
2015-05-24 22:40:25 ----D---- C:\Program Files\Common Files\System
2015-05-24 22:40:21 ----D---- C:\WINDOWS\SYSWOW64\Com
2015-05-24 22:40:21 ----D---- C:\WINDOWS\servicing
2015-05-24 22:40:19 ----D---- C:\WINDOWS\SYSWOW64\oobe
2015-05-24 22:40:19 ----D---- C:\WINDOWS\SYSWOW64\en-US
2015-05-24 22:40:16 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-05-24 22:39:49 ----D---- C:\WINDOWS\SYSWOW64\setup
2015-05-24 22:39:47 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-05-24 22:39:46 ----D---- C:\WINDOWS\SYSWOW64\sppui
2015-05-24 22:39:28 ----D---- C:\WINDOWS\SYSWOW64\wbem
2015-05-24 22:38:56 ----D---- C:\WINDOWS\SYSWOW64\migwiz
2015-05-24 22:38:55 ----D---- C:\WINDOWS\SYSWOW64\Dism
2015-05-24 22:26:36 ----D---- C:\WINDOWS\twain_32
2015-05-24 22:26:35 ----D---- C:\WINDOWS\IME
2015-05-24 22:26:33 ----D---- C:\WINDOWS\system32\Com
2015-05-24 22:26:32 ----D---- C:\WINDOWS\system32\oobe
2015-05-24 22:26:32 ----D---- C:\WINDOWS\system32\en-US
2015-05-24 22:26:24 ----D---- C:\WINDOWS\system32\Sysprep
2015-05-24 22:26:23 ----D---- C:\WINDOWS\system32\migration
2015-05-24 22:25:57 ----D---- C:\WINDOWS\system32\setup
2015-05-24 22:25:47 ----D---- C:\WINDOWS\system32\cs-CZ
2015-05-24 22:25:45 ----D---- C:\WINDOWS\system32\sppui
2015-05-24 22:25:25 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-05-24 22:25:16 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-05-24 22:25:12 ----D---- C:\WINDOWS\system32\wbem
2015-05-24 22:24:35 ----D---- C:\WINDOWS\system32\migwiz
2015-05-24 22:24:33 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-05-24 22:24:29 ----SD---- C:\WINDOWS\system32\dsc
2015-05-24 22:24:29 ----D---- C:\WINDOWS\system32\Dism
2015-05-24 22:13:13 ----D---- C:\Program Files (x86)\Windows Mail
2015-05-24 22:13:11 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2015-05-24 22:13:10 ----D---- C:\Program Files (x86)\Windows Portable Devices
2015-05-24 22:13:10 ----D---- C:\Program Files (x86)\Windows Media Player
2015-05-24 22:13:05 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2015-05-24 22:12:48 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-05-24 22:12:18 ----D---- C:\Program Files\WindowsPowerShell
2015-05-24 22:11:02 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-05-24 14:03:49 ----D---- C:\ProgramData\Microsoft Help
2015-05-24 13:52:49 ----D---- C:\WINDOWS\system32\MRT
2015-05-24 13:28:06 ----A---- C:\WINDOWS\system32\MRT.exe
2015-05-24 13:22:28 ----SH---- C:\WINDOWS\system32\desktop.ini
2015-05-24 12:04:25 ----A---- C:\WINDOWS\SYSWOW64\msclmd.dll
2015-05-24 12:03:22 ----A---- C:\WINDOWS\system32\msclmd.dll
2015-05-23 19:30:21 ----RD---- C:\WINDOWS\assembly
2015-05-20 21:05:52 ----D---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-03-25 678384]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 ATP;@oem4.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2013-02-06 65784]
R3 BTATH_HCRP;@oem12.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-12-28 179432]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 HIDSwitch;@oem10.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2012-05-31 21152]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-12-11 3258256]
R3 IntcDAud;@oem23.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-10-26 342528]
R3 iwdbus;@oem27.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 kbfiltr;@oem9.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem24.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 AmUStor;@oem5.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2012-06-14 100992]
S3 AthBTPort;@oem11.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-12-28 89320]
S3 BTATH_LWFLT;@oem15.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-12-28 77464]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 intaud_WaveExtensible;@oem26.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 SPBIUpdd;ShopperPro UpdateD; \??\C:\Program Files\Common Files\ShopperPro\spbiw.sys []
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\System32\drivers\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2013-01-07 1280768]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 OfficeSvc;Služba Microsoft Office; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31 1907896]
R3 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-01-15 107320]
R3 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-03-26 277120]
R3 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-12-28 226944]
R3 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R3 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R3 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 WakeupService;ASUS Wake Service; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [2012-12-20 45488]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-02-13 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-24 116648]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-02-13 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-24 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 641352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-12-04 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

# AdwCleaner v4.206 - Log vytvořen 19/06/2015 v 08:00:48
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-05-31.5 [Local]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Michaela - MISCHELL
# Spuštěno z : C:\Users\Michaela\Desktop\adwcleaner_4.206.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : globalUpdate
[#] Služba Smazáno : globalUpdatem
[#] Služba Smazáno : SPBIUpdd

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Users\Public\Documents\ShopperPro
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\ShopperPro
Složka Smazáno : C:\Program Files (x86)\YouTube Accelerator
Složka Smazáno : C:\Program Files (x86)\dress4u
Složka Smazáno : C:\Program Files (x86)\disco games
Složka Smazáno : C:\Users\Michaela\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Michaela\AppData\LocalLow\Goobzo
Soubor Smazáno : C:\WINDOWS\System32\drivers\SPPD.sys

***** [ Naplánované úlohy ] *****

Úloha Smazáno : globalUpdateUpdateTaskMachineCore
Úloha Smazáno : globalUpdateUpdateTaskMachineUA
Úloha Smazáno : dress4u_notification_service
Úloha Smazáno : disco_games_notification_service
Úloha Smazáno : 67455cff-43dc-490b-ace5-6ba279c9615b-1-6
Úloha Smazáno : 67455cff-43dc-490b-ace5-6ba279c9615b-1-7
Úloha Smazáno : 67455cff-43dc-490b-ace5-6ba279c9615b-5
Úloha Smazáno : 67455cff-43dc-490b-ace5-6ba279c9615b-5_user
Úloha Smazáno : e0c410e2-38be-4038-862e-31a30ed5e5da-1-6
Úloha Smazáno : e0c410e2-38be-4038-862e-31a30ed5e5da-1-7
Úloha Smazáno : e0c410e2-38be-4038-862e-31a30ed5e5da-5
Úloha Smazáno : e0c410e2-38be-4038-862e-31a30ed5e5da-5_user
Úloha Smazáno : e0c410e2-38be-4038-862e-31a30ed5e5da-6
Úloha Smazáno : e0c410e2-38be-4038-862e-31a30ed5e5da-7
Úloha Smazáno : SPBIW_UpdateTask_Time_313731343537303435342d325b573423416c45555a2a6c

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
Klíč Smazáno : HKLM\SOFTWARE\7fd16d77-1a72-4b4c-aeee-9072ef4853eb
Klíč Smazáno : HKLM\SOFTWARE\94f4000e-824b-40af-a194-d96c20dbef45
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Klíč Smazáno : HKCU\Software\Conduit
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\InstallCore
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\AVG SafeGuard toolbar
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\Goobzo
Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : [x64] HKLM\SOFTWARE\ShopperPro
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v43.0.2357.124

[C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP4061AD8E-E023-4FD2-B43A-06C981DB0A50&q={searchTerms}&SSPV=
[C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : 1CF6D66E3D5053BCE8F086CE67F14A093F963B54CF3722B23E61379FB3E43885","homepage_is_newtabpage":"6BFADF39566F8B920D20606EB66D0E707434D410A2761CCFC557640499F1C735","pinned_tabs":"25312350992C823F668FD9CEB07C6CCAE688802AD48240B16BD6E13CB8349044","prefs":{"preference_reset_time":"DB0BFA5684B59BDA9FEC865C509772A3F19ED21FB5EC3608E20EC1A26549610C"},"profile":{"reset_prompt_memento":"A79C8B03D0CF86C3877FDEA835129EC405E3871E3EBC4EC691720BFA12674812"},"safebrowsing":{"incidents_sent":"A9A9DAF7B52DDDDD3EC068E93E3F76F0084898CFB3672648F8272E2DC2C1D063"},"search_provider_overrides":"2C2159AC803C0EDDFE1F116C724B95C338E35E2FA6F4507D060237A8F3F7FD75","session":{"restore_on_startup":"BC6A9FB413D99DD5A384F5BBEEE1C99C4022064E72D7C1081E4953FFFCAC13D7","startup_urls":"454B8ED6A10DDEB0CA5C1939191C7E7724187AB4DC8CA0C23DDA75DED78682D2"},"software_reporter":{"prompt_reason":"829FAE6D45494EBC728321C1A3469ACBB9BE980A69BE51098D1B12A9D513DDB7","prompt_seed":"459D281767DB7B7AC6A48C81B34A404B9E4B81C5B70D596ADA354812FB49AF04","prompt_version":"9F09C9B2AAF7BA61798F95B6282A1CD62A41A37795C0B59969D1965E2FCB7516"},"sync":{"remaining_rollback_tries":"3BE195763793C432A3043C653C62475C6B673BC1E9132E926E3CBE9D2238094F"}},"super_mac":"8190D984590A7D8FD5F96AEA1C16B07D93D9D3924B3A5BEBCC25C37B3C0DC269"},"session":{"startup_urls":["hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP4061AD8E-E023-4FD2-B43A-06C981DB0A50&SSPV=
[C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : 454B8ED6A10DDEB0CA5C1939191C7E7724187AB4DC8CA0C23DDA75DED78682D2"},"software_reporter":{"prompt_reason":"829FAE6D45494EBC728321C1A3469ACBB9BE980A69BE51098D1B12A9D513DDB7","prompt_seed":"459D281767DB7B7AC6A48C81B34A404B9E4B81C5B70D596ADA354812FB49AF04","prompt_version":"9F09C9B2AAF7BA61798F95B6282A1CD62A41A37795C0B59969D1965E2FCB7516"},"sync":{"remaining_rollback_tries":"3BE195763793C432A3043C653C62475C6B673BC1E9132E926E3CBE9D2238094F"}},"super_mac":"8190D984590A7D8FD5F96AEA1C16B07D93D9D3924B3A5BEBCC25C37B3C0DC269"},"session":{"startup_urls":["hxxp://search.conduit.com/?ctid=CT3321897&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP4061AD8E-E023-4FD2-B43A-06C981DB0A50&SSPV=

*************************

AdwCleaner[R0].txt - [12249 bytů] - [19/06/2015 07:57:37]
AdwCleaner[S0].txt - [11038 bytů] - [19/06/2015 08:00:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11097 bytů] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Michaela on p  19. 06. 2015 at 8:20:24,06.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Michaela\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

19. 6. 2015 8:21:29 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\3efe0bb0-7437-46b8-9a37-eadbc69c11e5 deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~2\VideoLAN deleted successfully
C:\Program Files\mcafee deleted successfully
C:\PROGRA~3\FolderView deleted successfully
C:\PROGRA~3\McAfee deleted successfully
C:\Users\Michaela\AppData\Roaming\Seznam.cz deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-617181458-1753518847-2725096185-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\3efe0bb0-7437-46b8-9a37-eadbc69c11e5 not found
C:\PROGRA~2\Seznam.cz not found
C:\PROGRA~2\VideoLAN not found
C:\PROGRA~2\6e099a7f-cab6-40e1-ba5c-a1364b8c7401 deleted
C:\windows\SysNative\Tasks\ASUS Patch for Touch Panel deleted
C:\PROGRA~3\SetStretch.VBS deleted
C:\Users\Michaela\AppData\Local\Installer deleted
C:\Users\Michaela\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124



==== Chromium Startpages ======================

C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Preferences
,"lastpingday":"13079084399044567","location":10,"manifest":{"app":{"background":{"scripts":["craw_background.js"]}},"current_locale":"cs","default_locale":"en","description":"Peněženka Google pro digitální zboží","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"128":"images/icon_128.png","16":"images/icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB","manifest_version":2,"minimum_chrome_version":"29","name":"Peněženka Google","oauth2":{"auto_approve":true,"client_id":"203784468217.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/sierra" ... e.readonly"]},"permissions":["identity","webview","https://wallet.google.com/","https://wa ... eapis.com/*"],"update_url":"https://clients2.google.com/service/upd ... ons":{"api":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate"],"explicit_host":["*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/*","https://*.googleusercontent.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["alarms.onAlarm","gcm.onMessage","identity.onSignInChanged","notifications.onButtonClicked","notifications.onClicked","notifications.onClosed","notifications.onPermissionLevelChanged","notifications.onShowSettings","runtime.onInstalled","runtime.onStartup","runtime.onSuspend","storage.onChanged"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13079167837534439","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","h ... /googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.124\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false}}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"FCB3082B0161EAA9BF8F0B27DE0A79AD5299F30047C519ED82384E4BEA2DCE0C"},"default_search_provider":{"keyword":"D259A111757FC3C6BAE56D63BF9566852F70EE73A85A00140DAE61010A400C35","name":"22324B2A002EC9F87A796160446E4CC39547475E0A66D13200CA454800A3FEC7","search_url":"9EA8670919E13E6F35CD07538E684FAA21CA6846FE0383377D305DF5822C4529"},"default_search_provider_data":{"template_url_data":"46A1A6D25D769941E1E0217EAFED39421F5C615A0A82DBCD3101B8CE1C554DD2"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"0DD6B50FC23D40154C04CF74A5EF429063AA208A8F32F57DD5851CF87ADE3528","bepbmhgboaologfdajaanbcjmnhjmhfn":"3B6695B7F694BA7976C2B90BEAACCE627FF710D24D16DA5BEB4C551DC15D28F7","eemcgdkfndhakfknompkggombfjjjeno":"B782B7257B510E8242FA4BAD2E095280A0DE87D2FEEDA1FCDF46AB3CD55BE93D","ennkphjdgehloodpbhlhldgbnhmacadg":"82B40CDE41DB79C76D64D962FF49DDF422539FC22DFFB02CF65D4FC2D2464FC0","gfdkimpbcpahaombhbimeihdjnejgicl":"CB28358C6BB28C15BC7A23F548F7060D03D6968FE7727CEAA87B250C50073971","kmendfapggjehodndflmmgagdbamhnfd":"9C2BB4C6B5C594B2B25F10406E8FD9833285D29540D653C3E9BCC8E2900CD4E6","mfehgcgbbipciphmccgaenjidiccnmng":"C4329E5EB20019DD1D4A3D321B5ADFB34FF49651CB3635E73A5B099A3F003EF8","mgndgikekgjfcpckkfioiadnlibdjbkf":"2DEBC42BC1053B1CEF3EAD7496CD569C9701203E481FCCB88952259C08DEB4F0","mhjfbmdgcfjbbpaeojofohoefgiehjai":"6EA611C514EC01F1CA1742DE6FC5159B2C2C2008021FBE94C7BF07B846C1CB8B","neajdppkdcdipfabeoofebfddakdcjhd":"8F82C7C361CEB81DD7F5FE704B8E106B21E8F438E6D02044A3CA9F68B5CC18EA","nkeimhogjdpnpccoofpliimaahmaaome":"4CA53FF8A9F2CA4A921CE6F4456137B022364F6668EC163D5762DB9013818692","nmmhkkegccagdldgiimedpiccmgmieda":"03C5BEDF7EE7A7CF30EE8DC0F695606575F5CA2B682FB3E806823547F2CB1B15","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"B88545C157F3494830FDEF4100FDB28D225D4BD1BB0BB24CD410D405245B349E"}},"google":{"services":{"last_username":"BC616399CEE87CAEF76005FD7C77E308A01BA021FE7C4ADBEBAA13DE51C7629C","username":"257EFE37AFE7E3BD67F4DD15F66B6C9CF8E0DB38D14EFE54B828495C724651A8"}},"homepage":"1CF6D66E3D5053BCE8F086CE67F14A093F963B54CF3722B23E61379FB3E43885","homepage_is_newtabpage":"6BFADF39566F8B920D20606EB66D0E707434D410A2761CCFC557640499F1C735","pinned_tabs":"882A0EBA4760C281DB2DCC0F89057F203610E7AEE68CFC968D7A7A963D2B81B6","prefs":{"preference_reset_time":"DB0BFA5684B59BDA9FEC865C509772A3F19ED21FB5EC3608E20EC1A26549610C"},"profile":{"reset_prompt_memento":"A79C8B03D0CF86C3877FDEA835129EC405E3871E3EBC4EC691720BFA12674812"},"safebrowsing":{"incidents_sent":"A9A9DAF7B52DDDDD3EC068E93E3F76F0084898CFB3672648F8272E2DC2C1D063"},"search_provider_overrides":"2C2159AC803C0EDDFE1F116C724B95C338E35E2FA6F4507D060237A8F3F7FD75","session":{"restore_on_startup":"BC6A9FB413D99DD5A384F5BBEEE1C99C4022064E72D7C1081E4953FFFCAC13D7","startup_urls":"CD959BCE921E5D09E718885D0D5B097E76765783CBB13239BFB806A5F37FD29C"},"software_reporter":{"prompt_reason":"74BABA053EEBC6B74652BE815D27D628677CA4379F02E7A833C2898948722FD7","prompt_seed":"B0D4C634E137F9D9637FA4E1440327337DCF4F91E49098AD92FD7FE5B74656BE","prompt_version":"C8954FD047D5AD505E68B053689E62896F6694678E88C1EDC2755AC38A702A6C"},"sync":{"remaining_rollback_tries":"521EC1D9666CF18930EB44F30135D4EBEEE5D1E8C6266E2E5418719BEFB91D9B"}},"super_mac":"A394B3D4D7511D6C5C5489F9ED845F3CD889C12B72A46EBAF79C72FA7F2A4070"}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{111A106F-83C8-4F44-8958-7458B8904430} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"
{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_13415"

==== Reset Google Chrome ======================

C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully
C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michaela\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Michaela\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Michaela\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Michaela\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=9 folders=10 2580767 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Michaela\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Michaela\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on p  19. 06. 2015 at 8:39:31,76 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Michaela (administrator) on MISCHELL on 19-06-2015 19:48:53
Running from C:\Users\Michaela\Desktop
Loaded Profiles: Michaela (Available Profiles: Michaela)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\Michaela\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164112 2015-05-16] (IvoSoft)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Qualcomm Atheros Commnucations)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-617181458-1753518847-2725096185-1001\...\Run: [OneDrive] => C:\Users\Michaela\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664 2015-05-22] (Microsoft Corporation)
Startup: C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2014-11-19]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-617181458-1753518847-2725096185-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-617181458-1753518847-2725096185-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKU\S-1-5-21-617181458-1753518847-2725096185-1001 -> URL http://search.conduit.com/Results.aspx? ... rms}&SSPV=
SearchScopes: HKU\S-1-5-21-617181458-1753518847-2725096185-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSugg ... earchTerms}
SearchScopes: HKU\S-1-5-21-617181458-1753518847-2725096185-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-617181458-1753518847-2725096185-1001 -> {111A106F-83C8-4F44-8958-7458B8904430} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-617181458-1753518847-2725096185-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-01-20] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-20] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-05-16] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-05-16] (IvoSoft)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-01-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-12-18] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-19]
CHR Extension: (Google Docs) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-19]
CHR Extension: (Google Drive) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-19]
CHR Extension: (YouTube) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-19]
CHR Extension: (Google Search) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-19]
CHR Extension: (Google Sheets) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-19]
CHR Extension: (Google Wallet) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-19]
CHR Extension: (Gmail) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-03-26] (ASUS)
R3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 Microsoft Office Groove Audit Service; C:\Users\Michaela\Desktop\Microsoft office 2007\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R3 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [45488 2012-12-20] (ASUSTek Computer Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-02-06] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-19 19:48 - 2015-06-19 19:49 - 00021399 _____ C:\Users\Michaela\Desktop\FRST.txt
2015-06-19 19:44 - 2015-06-19 19:48 - 00000000 ____D C:\FRST
2015-06-19 19:43 - 2015-06-19 19:43 - 00112640 _____ (forum.viry.cz) C:\Users\Michaela\Desktop\FRSTLauncher.exe
2015-06-19 19:40 - 2015-06-19 19:40 - 00112640 _____ (forum.viry.cz) C:\Users\Michaela\Downloads\Nepotvrzeno 613570.crdownload
2015-06-19 19:39 - 2015-06-19 19:39 - 02109952 _____ (Farbar) C:\Users\Michaela\Desktop\FRST64.exe
2015-06-19 08:34 - 2015-06-19 08:20 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-06-19 08:20 - 2015-06-19 08:39 - 00015643 _____ C:\zoek-results.log
2015-06-19 08:19 - 2015-06-19 08:33 - 00000000 ____D C:\zoek_backup
2015-06-19 08:19 - 2015-06-19 08:19 - 01308672 _____ C:\Users\Michaela\Desktop\zoek.exe
2015-06-19 07:57 - 2015-06-19 08:00 - 00000000 ____D C:\AdwCleaner
2015-06-19 07:56 - 2015-06-19 07:56 - 02231296 _____ C:\Users\Michaela\Desktop\adwcleaner_4.206.exe
2015-06-19 00:10 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-19 00:10 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-19 00:10 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-19 00:10 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-19 00:10 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-19 00:10 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-19 00:10 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-19 00:10 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-19 00:10 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-19 00:10 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-19 00:10 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-19 00:10 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-19 00:10 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-19 00:10 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-19 00:10 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-19 00:10 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-19 00:10 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-19 00:10 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-19 00:10 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-19 00:10 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-19 00:10 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-19 00:10 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-19 00:10 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-19 00:10 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-19 00:10 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-19 00:10 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-19 00:10 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-19 00:10 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-19 00:10 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-19 00:10 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-19 00:10 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-19 00:10 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-19 00:10 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-19 00:10 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-19 00:09 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-19 00:09 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-19 00:09 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-19 00:09 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-19 00:09 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-19 00:09 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-19 00:09 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-19 00:08 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-19 00:08 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-19 00:08 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-19 00:08 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-19 00:08 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-19 00:08 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-19 00:08 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-19 00:08 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-19 00:08 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-19 00:08 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-19 00:08 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-19 00:08 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-19 00:08 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-19 00:08 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-19 00:08 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-19 00:08 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-19 00:08 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-19 00:08 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-19 00:08 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-19 00:08 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-19 00:08 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-19 00:08 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-19 00:08 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-19 00:08 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-19 00:08 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-19 00:08 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-19 00:08 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-19 00:08 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-19 00:08 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-19 00:08 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-19 00:08 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-19 00:08 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-19 00:08 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-19 00:08 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-19 00:08 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-19 00:08 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-19 00:08 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-19 00:08 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-19 00:08 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-19 00:07 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-18 20:47 - 2015-06-18 20:48 - 00000000 ____D C:\rsit
2015-06-18 20:47 - 2015-06-18 20:48 - 00000000 ____D C:\Program Files\trend micro
2015-06-18 20:47 - 2015-06-18 20:47 - 01222144 _____ C:\Users\Michaela\Desktop\RSITx64.exe
2015-06-18 20:41 - 2015-06-18 20:41 - 02870984 _____ (ESET) C:\Users\Michaela\Desktop\esetsmartinstaller_csy.exe
2015-06-18 19:52 - 2015-06-19 19:41 - 00000000 ____D C:\Users\Michaela\AppData\Local\ClassicShell
2015-06-18 19:52 - 2015-06-18 19:52 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\ClassicShell
2015-06-18 19:52 - 2015-06-18 19:52 - 00000000 ____D C:\ProgramData\ClassicShell
2015-06-18 19:51 - 2015-06-18 19:51 - 00000000 ____D C:\Program Files\Classic Shell
2015-06-18 19:35 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-06-18 19:25 - 2015-06-18 19:25 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-12 21:18 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-06-12 21:18 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-06-12 21:17 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-06-12 21:17 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-06-12 21:17 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-06-12 21:17 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-06-12 21:17 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-06-12 21:17 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-06-12 21:17 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-06-12 21:16 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-06-12 21:16 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-06-12 21:15 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-06-12 21:14 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-06-12 21:14 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-06-12 21:14 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-06-12 21:14 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-06-12 21:14 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-06-12 21:14 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-06-12 21:14 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-12 21:14 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-12 21:14 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-06-12 21:14 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-06-12 21:14 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-06-12 21:13 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-06-12 21:13 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-06-12 21:13 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-26 17:49 - 2014-10-31 05:18 - 04840960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-05-26 17:49 - 2014-10-31 05:09 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-05-26 17:48 - 2014-10-31 06:50 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2015-05-26 17:48 - 2014-10-31 05:30 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2015-05-26 17:48 - 2014-10-31 05:23 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-05-26 17:48 - 2014-10-31 05:22 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2015-05-26 17:48 - 2014-10-31 04:12 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2015-05-25 16:20 - 2015-06-03 18:18 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-25 16:20 - 2015-06-03 18:18 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-24 15:06 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-24 15:06 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-24 15:03 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-24 15:03 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-24 15:03 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-24 15:01 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-24 14:56 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-24 14:56 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-24 14:56 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-24 14:56 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-24 14:43 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-24 14:42 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-24 14:42 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-23 17:56 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-23 17:56 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-19 19:45 - 2014-01-19 18:31 - 01479557 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-19 19:41 - 2014-11-19 19:30 - 00000000 __SHD C:\Users\Michaela\AppData\Local\EmieBrowserModeList
2015-06-19 19:41 - 2014-08-20 15:14 - 00000000 __SHD C:\Users\Michaela\AppData\Local\EmieUserList
2015-06-19 19:41 - 2014-08-20 15:14 - 00000000 __SHD C:\Users\Michaela\AppData\Local\EmieSiteList
2015-06-19 19:38 - 2014-02-02 16:07 - 00003982 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1293EEC8-E5D7-4AF5-8000-2E9E2EE58A75}
2015-06-19 19:37 - 2013-11-27 16:50 - 00000062 _____ C:\Users\Michaela\AppData\Roaming\sp_data.sys
2015-06-19 19:37 - 2013-06-01 19:58 - 00003056 _____ C:\WINDOWS\System32\Tasks\ASUS P4G
2015-06-19 19:37 - 2013-06-01 19:57 - 00003004 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ColorU
2015-06-19 19:37 - 2013-06-01 19:57 - 00002988 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2015-06-19 19:37 - 2013-06-01 19:56 - 00003114 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2015-06-19 19:37 - 2013-06-01 19:56 - 00003028 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2015-06-19 19:37 - 2013-06-01 19:48 - 00003542 _____ C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2015-06-19 19:36 - 2015-01-25 10:08 - 00004986 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MISCHELL-Michaela Mischell
2015-06-19 19:36 - 2014-10-20 11:54 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfec4bccfeaf75.job
2015-06-19 19:36 - 2014-06-17 19:49 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf8a548d35be6f.job
2015-06-19 19:36 - 2014-01-14 17:29 - 00000000 ___RD C:\Users\Michaela\SkyDrive
2015-06-19 19:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-19 08:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-19 08:36 - 2013-08-22 16:46 - 00307894 _____ C:\WINDOWS\setupact.log
2015-06-19 08:36 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-19 08:35 - 2013-11-14 05:30 - 01299546 _____ C:\WINDOWS\PFRO.log
2015-06-19 08:35 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-19 08:33 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-06-19 08:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-06-19 08:10 - 2013-12-24 23:22 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-19 08:07 - 2013-08-22 16:44 - 00489704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-19 08:04 - 2014-12-17 16:26 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-19 08:04 - 2014-07-25 09:45 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-19 08:04 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-19 08:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-19 05:02 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-19 05:01 - 2014-03-25 16:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-19 04:50 - 2012-07-26 07:26 - 00000199 _____ C:\WINDOWS\win.ini
2015-06-18 21:29 - 2013-11-27 16:56 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-617181458-1753518847-2725096185-1001
2015-06-18 20:30 - 2015-04-13 21:30 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-18 19:58 - 2015-04-19 22:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-18 19:58 - 2015-04-19 22:41 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-18 19:58 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-06-18 19:55 - 2014-02-24 14:42 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-18 19:55 - 2014-01-19 18:09 - 00000000 ____D C:\Users\Michaela
2015-06-18 19:54 - 2013-11-14 14:40 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-18 19:54 - 2013-11-14 14:24 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2015-06-18 19:54 - 2013-11-14 14:24 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2015-06-18 19:38 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-06-18 19:37 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-18 19:36 - 2012-07-26 07:37 - 00000000 ____D C:\Users\Default.migrated
2015-06-18 19:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-18 19:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-12 20:25 - 2013-12-24 23:28 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-03 19:04 - 2014-02-10 19:59 - 00000000 ____D C:\Users\Michaela\AppData\Roaming\XnView
2015-05-26 19:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-05-26 19:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\FileManager
2015-05-26 19:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Camera
2015-05-25 16:20 - 2013-08-22 17:37 - 00005217 _____ C:\WINDOWS\DtcInstall.log
2015-05-25 16:17 - 2014-08-26 23:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-25 16:17 - 2014-08-26 23:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-24 22:45 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-05-24 22:43 - 2013-11-14 14:26 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-24 22:43 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-24 22:43 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-24 22:43 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-24 22:43 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-24 22:43 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-24 22:43 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-24 22:43 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-24 22:43 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-24 22:43 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-24 22:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-05-24 22:40 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-05-24 22:40 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-05-24 22:40 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-05-24 22:40 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-05-24 22:40 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-05-24 22:40 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\servicing
2015-05-24 22:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\sppui
2015-05-24 22:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-05-24 22:38 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-05-24 22:38 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-05-24 22:26 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Com
2015-05-24 22:26 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\IME
2015-05-24 22:26 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-05-24 22:26 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-05-24 22:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-05-24 22:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sppui
2015-05-24 22:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-05-24 22:24 - 2013-08-22 17:36 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-05-24 22:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-05-24 22:24 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-05-24 22:24 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-05-24 22:13 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-05-24 22:13 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-05-24 22:13 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-05-24 22:12 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\WindowsPowerShell
2015-05-24 13:52 - 2014-01-11 12:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-05-24 13:28 - 2014-01-11 12:07 - 140425016 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-24 12:04 - 2013-08-22 17:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2015-05-24 12:03 - 2013-08-22 17:36 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2015-05-22 20:18 - 2014-08-26 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-22 18:20 - 2014-02-22 12:55 - 00003102 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-617181458-1753518847-2725096185-1001
2015-05-20 21:05 - 2014-10-20 11:54 - 00003714 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cfec4bccfeaf75
2015-05-20 21:05 - 2013-12-24 23:22 - 00003950 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

==================== Files in the root of some directories =======

2013-11-27 16:50 - 2015-06-19 19:37 - 0000062 _____ () C:\Users\Michaela\AppData\Roaming\sp_data.sys
2012-11-23 15:06 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2012-11-23 15:06 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================


Available physical RAM: 2528.57 MB
Total physical RAM: 3981.81 MB
Percentage of memory in use: 36%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf8a548d35be6f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfec4bccfeaf75.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\Michaela\SkyDrive:ms-properties

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Michaela\Desktop" je 626 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP
"C:\Program Files (x86)\ASUS\APRP\APRP.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4
c:\windows\temp\DisableS3S464\sethigh.cmd [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
  HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
  HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
  ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
  ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
  ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
  ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
  
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
  HKU\S-1-5-21-617181458-1753518847-2725096185-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
  SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-21-617181458-1753518847-2725096185-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
  SearchScopes: HKU\S-1-5-21-617181458-1753518847-2725096185-1001 -> URL http://search.conduit.com/Results.aspx? ... 1DB0A50&q={searchTerms}&SSPV=
  SearchScopes: HKU\S-1-5-21-617181458-1753518847-2725096185-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSugg ... hx?prefix={searchTerms}
  BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-05-16] (IvoSoft)
  
  2015-06-19 19:48 - 2015-06-19 19:49 - 00021399 _____ C:\Users\Michaela\Desktop\FRST.txt
  2015-06-19 19:43 - 2015-06-19 19:43 - 00112640 _____ (forum.viry.cz) C:\Users\Michaela\Desktop\FRSTLauncher.exe
  2015-06-19 19:40 - 2015-06-19 19:40 - 00112640 _____ (forum.viry.cz) C:\Users\Michaela\Downloads\Nepotvrzeno 613570.crdownload
  2015-06-19 08:34 - 2015-06-19 08:20 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
  2015-06-19 08:20 - 2015-06-19 08:39 - 00015643 _____ C:\zoek-results.log
  2015-06-19 08:19 - 2015-06-19 08:33 - 00000000 ____D C:\zoek_backup
  2015-06-19 08:19 - 2015-06-19 08:19 - 01308672 _____ C:\Users\Michaela\Desktop\zoek.exe
  2015-06-19 07:57 - 2015-06-19 08:00 - 00000000 ____D C:\AdwCleaner
  2015-06-19 07:56 - 2015-06-19 07:56 - 02231296 _____ C:\Users\Michaela\Desktop\adwcleaner_4.206.exe
  
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf8a548d35be6f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfec4bccfeaf75.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
  DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
  DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Michaela at 2015-06-19 22:12:55 Run:1
Running from C:\Users\Michaela\Desktop
Loaded Profiles: Michaela (Available Profiles: Michaela)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-617181458-1753518847-2725096185-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-617181458-1753518847-2725096185-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKU\S-1-5-21-617181458-1753518847-2725096185-1001 -> URL http://search.conduit.com/Results.aspx? ... 1DB0A50&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-617181458-1753518847-2725096185-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSugg ... hx?prefix={searchTerms}
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-05-16] (IvoSoft)

2015-06-19 19:48 - 2015-06-19 19:49 - 00021399 _____ C:\Users\Michaela\Desktop\FRST.txt
2015-06-19 19:43 - 2015-06-19 19:43 - 00112640 _____ (forum.viry.cz) C:\Users\Michaela\Desktop\FRSTLauncher.exe
2015-06-19 19:40 - 2015-06-19 19:40 - 00112640 _____ (forum.viry.cz) C:\Users\Michaela\Downloads\Nepotvrzeno 613570.crdownload
2015-06-19 08:34 - 2015-06-19 08:20 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-06-19 08:20 - 2015-06-19 08:39 - 00015643 _____ C:\zoek-results.log
2015-06-19 08:19 - 2015-06-19 08:33 - 00000000 ____D C:\zoek_backup
2015-06-19 08:19 - 2015-06-19 08:19 - 01308672 _____ C:\Users\Michaela\Desktop\zoek.exe
2015-06-19 07:57 - 2015-06-19 08:00 - 00000000 ____D C:\AdwCleaner
2015-06-19 07:56 - 2015-06-19 07:56 - 02231296 _____ C:\Users\Michaela\Desktop\adwcleaner_4.206.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf8a548d35be6f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfec4bccfeaf75.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXMediaServer => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-617181458-1753518847-2725096185-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => key removed successfully
HKCR\Wow6432Node\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-617181458-1753518847-2725096185-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-617181458-1753518847-2725096185-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL http://search.conduit.com/Results.aspx? ... => value not found.
HKU\S-1-5-21-617181458-1753518847-2725096185-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON http://suggest.search.conduit.com/CSugg ... => value not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}" => key removed successfully
"C:\Users\Michaela\Desktop\FRST.txt" => File/Folder not found.
C:\Users\Michaela\Desktop\FRSTLauncher.exe => moved successfully.
C:\Users\Michaela\Downloads\Nepotvrzeno 613570.crdownload => moved successfully.
C:\WINDOWS\zoek-delete.exe => moved successfully.
C:\zoek-results.log => moved successfully.
C:\zoek_backup => moved successfully.
C:\Users\Michaela\Desktop\zoek.exe => moved successfully.
C:\AdwCleaner => moved successfully.
C:\Users\Michaela\Desktop\adwcleaner_4.206.exe => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf8a548d35be6f.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfec4bccfeaf75.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4 => key removed successfully
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not restore Hosts.
EmptyTemp: => 34.9 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 22:14:48 ====

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

dekuji

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat