Slow PC, poor battery life
Posted: 10 Mar 2016 10:22
Hello, on my new notebook (i5) performance has dropped significantly over the past few days, the battery lasts barely an hour, and I had problems with Google Custom Search being set as the default search engine in Chrome, which could not be removed... I found that this is supposed to be a virus - could someone check my log? Thank you...
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Andrea (administrator) on LENOVO (10-03-2016 10:18:12)
Running from C:\Users\Andrea\Downloads
Loaded Profiles: Andrea (Available Profiles: Andrea)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Flux Software LLC) C:\Users\Andrea\AppData\Local\FluxSoftware\Flux\flux.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-03-27] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 2015-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-02-25] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [689968 2015-01-18] (Alps Electric Co., Ltd.)
HKLM\...\Run: [LenovoUtility] => "C:\Program Files\Lenovo\LenovoUtility\utility.exe"
HKU\S-1-5-21-1612608816-2551762866-3647976719-1001\...\Run: [f.lux] => C:\Users\Andrea\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1612608816-2551762866-3647976719-1001\...\Run: [uTorrent] => C:\Users\Andrea\AppData\Roaming\uTorrent\uTorrent.exe [2065944 2016-02-13] (BitTorrent Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-26] (Microsoft Corporation)
Startup: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Andrea.lnk [2016-02-18]
ShortcutTarget: Andrea.lnk -> C:\ProgramData\kcgsw\kcgsw.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 158.195.6.2 158.195.6.3 158.195.4.3
Tcpip\..\Interfaces\{3C4AC56E-CFC3-42B6-892E-4E4B444EDFE3}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{D8C09AD4-C300-4328-BF8D-96D2996451D0}: [DhcpNameServer] 158.195.6.2 158.195.6.3 158.195.4.3
Internet Explorer:
==================
HKU\S-1-5-21-1612608816-2551762866-3647976719-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1612608816-2551762866-3647976719-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1612608816-2551762866-3647976719-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-1612608816-2551762866-3647976719-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1612608816-2551762866-3647976719-1001 -> DefaultScope {DDD79679-50CB-4901-BC68-76A861AD544A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-02-26] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-26] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-02-26] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-02-26] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-01-19] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-02-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-02-10] (McAfee, Inc.)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-03-05] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-02-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-03-05] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-02-10] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-01-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-09] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-03-09] [not signed]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Profile: C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prekladač Google) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-12-10]
CHR Extension: (Prezentácie Google) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-10]
CHR Extension: (Dokumenty Google) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-10]
CHR Extension: (Disk Google) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-10]
CHR Extension: (YouTube) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-10]
CHR Extension: (Google Search) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Gmail™ Notifier) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2016-02-07]
CHR Extension: (Tabuľky Google) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-10]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-10]
CHR Extension: (AdBlock) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-10]
CHR Extension: (F.B Purity-Clean Up Facebook) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2016-03-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-10]
CHR Extension: (Gmail) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-10]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-09]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-09]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [80176 2015-01-16] (Alps Electric Co., Ltd.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [309048 2015-03-03] (Qualcomm Atheros)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [644080 2014-10-22] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2522616 2015-12-18] (ESET)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19184 2015-03-27] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-02-09] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-02-25] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-02-10] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [681680 2016-01-08] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
R3 mfevtp; C:\windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263528 2015-12-18] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-09-23] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-12-18] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2015-12-18] (ESET)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
S3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-10] (Malwarebytes)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 Qcamain; C:\Windows\system32\DRIVERS\Qcamainx64.sys [2301440 2015-02-13] (Qualcomm Atheros, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 ACPIVPC; \SystemRoot\System32\drivers\AcpiVpc.sys [X]
S3 KMDFVirtualKbd; \SystemRoot\System32\drivers\KMDFVirtualKbd.sys [X]
S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-10 10:18 - 2016-03-10 10:19 - 00021418 _____ C:\Users\Andrea\Downloads\FRST.txt
2016-03-10 10:15 - 2016-03-10 10:18 - 00000000 ____D C:\FRST
2016-03-10 10:15 - 2016-03-10 10:16 - 00388608 _____ (Trend Micro Inc.) C:\Users\Andrea\Downloads\hijackthis.exe
2016-03-10 10:14 - 2016-03-10 10:15 - 02374144 _____ (Farbar) C:\Users\Andrea\Downloads\FRST64.exe
2016-03-10 09:23 - 2016-03-10 10:11 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-10 09:22 - 2016-03-10 09:22 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-10 09:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-03-10 09:22 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-03-10 09:22 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-03-10 09:21 - 2016-03-10 09:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-10 09:21 - 2016-03-10 09:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-09 19:21 - 2016-03-09 19:21 - 00000000 ____D C:\Users\Andrea\Documents\Vlastné šablóny balíka Office
2016-03-09 18:06 - 2016-03-09 18:06 - 00001947 _____ C:\Users\Public\Desktop\McAfee LiveSafe.lnk
2016-03-09 18:06 - 2016-03-09 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-03-09 18:05 - 2016-03-09 18:05 - 00003080 _____ C:\windows\System32\Tasks\McAfeeLogon
2016-03-09 18:05 - 2016-03-09 18:05 - 00000000 ____D C:\windows\System32\Tasks\McAfee
2016-03-09 18:05 - 2016-03-09 18:05 - 00000000 ____D C:\ProgramData\Intel Security
2016-03-09 18:05 - 2015-11-25 07:29 - 00083096 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfeelamk.sys
2016-03-09 18:05 - 2015-11-25 07:29 - 00079248 _____ (McAfee, Inc.) C:\windows\system32\Drivers\cfwids.sys
2016-03-09 18:05 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\windows\system32\Drivers\HipShieldK.sys
2016-03-09 18:04 - 2015-11-25 07:29 - 00496368 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfefirek.sys
2016-03-09 18:04 - 2015-11-25 07:29 - 00245096 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfewfpk.sys
2016-03-09 18:03 - 2016-03-09 19:04 - 00003348 _____ C:\windows\System32\Tasks\McAfee Remediation (Prepare)
2016-03-09 18:03 - 2016-03-09 18:06 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-09 18:03 - 2016-03-09 18:05 - 00000000 ____D C:\Program Files\McAfee
2016-03-09 18:03 - 2016-03-09 18:03 - 00000000 ____D C:\Program Files\McAfee.com
2016-03-09 18:03 - 2016-03-09 18:03 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-03-09 18:03 - 2016-03-09 18:03 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-09 18:02 - 2015-11-25 07:29 - 00419624 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfeaack.sys
2016-03-09 18:02 - 2015-11-25 07:29 - 00351144 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfeavfk.sys
2016-03-09 18:01 - 2016-03-09 18:06 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-03-09 18:01 - 2015-11-25 07:29 - 00846080 _____ (McAfee, Inc.) C:\windows\system32\Drivers\mfehidk.sys
2016-03-09 18:01 - 2015-11-18 14:24 - 00275368 _____ (McAfee, Inc.) C:\windows\system32\mfevtps.exe
2016-03-06 07:50 - 2016-03-10 10:11 - 00000290 __RSH C:\Users\Andrea\ntuser.pol
2016-03-06 07:32 - 2016-03-10 09:47 - 00000000 __SHD C:\ProgramData\Mozilla
2016-03-05 21:33 - 2016-03-09 15:49 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-05 21:33 - 2016-03-05 21:33 - 00002078 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-03-05 21:33 - 2016-03-05 21:33 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-03-02 16:34 - 2016-03-02 16:35 - 00000000 ____D C:\Users\Andrea\AppData\Roaming\Opera Software
2016-03-02 16:34 - 2016-03-02 16:35 - 00000000 ____D C:\Users\Andrea\AppData\Local\Opera Software
2016-03-02 16:34 - 2016-03-02 16:35 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-02 16:34 - 2016-03-02 16:34 - 00001277 _____ C:\Program Files (x86)\Kinder Garten.lnk
2016-03-02 16:34 - 2016-03-02 16:34 - 00000000 ____D C:\Users\Andrea\AppData\Roaming\ToomkyGames.com
2016-03-02 16:34 - 2016-03-02 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToomkyGames
2016-03-02 16:34 - 2016-03-02 16:34 - 00000000 ____D C:\Program Files (x86)\ToomkyGames.com
2016-03-02 13:36 - 2016-03-02 13:36 - 00163405 _____ C:\Users\Andrea\Desktop\Veľká noc.pdf
2016-03-01 20:54 - 2016-03-06 17:25 - 00011264 ___SH C:\Users\Andrea\Documents\Thumbs.db
2016-02-23 10:01 - 2016-02-23 10:01 - 00011312 _____ C:\Users\Andrea\Desktop\Rozvrh J.html
2016-02-19 21:06 - 2016-02-19 21:06 - 00012319 _____ C:\Users\Andrea\Desktop\Rozvrh A.html
2016-02-19 14:37 - 2016-02-19 14:51 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-02-19 14:37 - 2016-02-19 14:37 - 00001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-02-19 14:37 - 2016-02-19 14:37 - 00001058 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-02-19 14:37 - 2016-02-19 14:37 - 00000000 ____D C:\Users\Andrea\AppData\Roaming\TeamViewer
2016-02-18 19:14 - 2016-03-10 09:50 - 00000000 __SHD C:\ProgramData\Unknown
2016-02-18 19:04 - 2016-03-10 09:50 - 00000000 __SHD C:\ProgramData\kcgsw
2016-02-18 09:25 - 2016-02-18 09:25 - 00000000 ____D C:\Users\Andrea\AppData\LocalLow\Temp
2016-02-14 12:46 - 2016-03-09 20:11 - 00000000 ____D C:\Users\Andrea\Desktop\ANG II
2016-02-14 12:46 - 2016-03-07 18:46 - 00000000 ____D C:\Users\Andrea\Desktop\MV
2016-02-14 12:46 - 2016-02-14 12:46 - 00000000 ____D C:\Users\Andrea\Desktop\KLI
2016-02-14 12:45 - 2016-03-09 20:11 - 00000000 ____D C:\Users\Andrea\Desktop\PDS II
2016-02-14 12:45 - 2016-02-27 11:16 - 00000000 ____D C:\Users\Andrea\Desktop\RIM II
2016-02-14 12:45 - 2016-02-23 19:40 - 00000000 ____D C:\Users\Andrea\Desktop\TEO II
2016-02-11 21:28 - 2016-02-12 12:35 - 00000078 _____ C:\Users\Andrea\Desktop\NET.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-10 10:16 - 2015-12-10 10:36 - 00000000 ____D C:\Users\Andrea\AppData\Local\VirtualStore
2016-03-10 10:11 - 2015-12-10 10:40 - 00000954 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-10 10:11 - 2015-12-10 10:36 - 00000000 __SHD C:\Users\Andrea\IntelGraphicsProfiles
2016-03-10 10:11 - 2015-12-10 10:36 - 00000000 ____D C:\Users\Andrea
2016-03-10 09:58 - 2014-11-21 05:44 - 00865408 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-10 09:58 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-03-10 09:52 - 2015-12-10 10:40 - 00000958 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-10 09:50 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-03-10 09:50 - 2013-08-22 15:44 - 00526880 _____ C:\windows\system32\FNTCACHE.DAT
2016-03-10 09:49 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-03-10 06:29 - 2015-05-22 19:59 - 00000000 ____D C:\ProgramData\McAfee
2016-03-10 06:28 - 2015-12-10 10:41 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1612608816-2551762866-3647976719-1001
2016-03-10 06:11 - 2015-12-10 10:38 - 00003966 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{0823F22E-30D8-44E7-A7D8-8F110BE9E1F9}
2016-03-09 20:06 - 2015-12-10 18:55 - 00000000 ____D C:\Users\Andrea\AppData\Roaming\vlc
2016-03-09 18:07 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\ELAM
2016-03-09 18:05 - 2013-08-22 16:36 - 00000000 ___HD C:\windows\ELAMBKUP
2016-03-09 07:43 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-09 07:43 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2016-03-08 16:28 - 2015-12-10 10:36 - 00000000 ____D C:\Users\Andrea\AppData\Local\Packages
2016-03-07 19:51 - 2015-12-09 21:01 - 00001960 _____ C:\Users\Andrea\Desktop\ORDERS.txt
2016-03-06 18:54 - 2015-12-24 09:15 - 00547840 ___SH C:\Users\Andrea\Desktop\Thumbs.db
2016-03-06 15:34 - 2016-01-13 21:33 - 00000176 _____ C:\Users\Andrea\Desktop\TO DO.txt
2016-03-06 07:50 - 2013-08-22 16:36 - 00000000 ___HD C:\windows\system32\GroupPolicy
2016-03-06 07:50 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
2016-03-06 07:49 - 2015-12-12 10:28 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-03-05 21:34 - 2015-12-12 10:27 - 00000000 ____D C:\Users\Andrea\AppData\Local\Adobe
2016-03-05 21:33 - 2015-12-12 10:28 - 00000000 ____D C:\ProgramData\Adobe
2016-03-04 12:55 - 2016-01-18 15:37 - 00000000 ____D C:\Users\Andrea\Desktop\BAZ
2016-03-02 17:48 - 2015-12-18 14:46 - 00000000 ____D C:\Users\Andrea\AppData\LocalLow\uTorrent
2016-03-02 17:48 - 2015-12-10 13:11 - 00000000 ____D C:\Users\Andrea\AppData\Roaming\uTorrent
2016-03-01 09:52 - 2016-01-22 22:16 - 00000000 ____D C:\Users\Andrea\Documents\Filmy
2016-03-01 09:08 - 2016-01-15 15:59 - 00000000 ____D C:\Users\Andrea\Desktop\B
2016-02-27 12:17 - 2015-12-25 19:39 - 00000000 ____D C:\Users\Andrea\AppData\Roaming\Farm Mania 2.1
2016-02-26 07:39 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-26 07:38 - 2015-12-10 11:33 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-24 21:58 - 2015-12-10 10:38 - 00000000 __SHD C:\Users\Andrea\AppData\LocalLow\EmieUserList
2016-02-24 21:58 - 2015-12-10 10:38 - 00000000 __SHD C:\Users\Andrea\AppData\LocalLow\EmieSiteList
2016-02-24 21:58 - 2015-12-10 10:38 - 00000000 __SHD C:\Users\Andrea\AppData\LocalLow\EmieBrowserModeList
2016-02-24 21:58 - 2015-12-10 10:38 - 00000000 __SHD C:\Users\Andrea\AppData\Local\EmieUserList
2016-02-24 21:58 - 2015-12-10 10:38 - 00000000 __SHD C:\Users\Andrea\AppData\Local\EmieSiteList
2016-02-24 21:58 - 2015-12-10 10:38 - 00000000 __SHD C:\Users\Andrea\AppData\Local\EmieBrowserModeList
2016-02-21 19:42 - 2015-12-25 19:39 - 00000000 ____D C:\Users\Andrea\AppData\Roaming\Farm Mania 2
2016-02-20 18:22 - 2016-01-22 20:09 - 00000000 ____D C:\Program Files (x86)\Farm Mania 1
2016-02-20 07:55 - 2015-12-10 10:40 - 00002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-20 07:55 - 2015-12-10 10:40 - 00002226 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-19 14:51 - 2015-12-09 21:01 - 00000302 _____ C:\Users\Andrea\Desktop\H.txt
==================== Files in the root of some directories =======
2016-03-02 16:34 - 2016-03-02 16:34 - 0001277 _____ () C:\Program Files (x86)\Kinder Garten.lnk
2015-05-22 19:30 - 2015-05-22 19:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Andrea\AppData\Local\Temp\0064081457543022mcinst.exe
C:\Users\Andrea\AppData\Local\Temp\McCSPInstall.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-08 09:13
==================== End of FRST.txt ============================
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-08 09:13
==================== End of FRST.txt ============================